Unrated severityNVD Advisory· Published Feb 26, 2007· Updated Apr 23, 2026
CVE-2007-1115
CVE-2007-1115
Description
The child frames in Opera 9 before 9.20 inherit the default charset from the parent window when a charset is not specified in an HTTP Content-Type header or META tag, which allows remote attackers to conduct cross-site scripting (XSS) attacks, as demonstrated using the UTF-7 character set.
Affected products
9cpe:2.3:a:opera:opera_browser:9.0:*:*:*:*:*:*:*+ 8 more
- cpe:2.3:a:opera:opera_browser:9.0:*:*:*:*:*:*:*
- cpe:2.3:a:opera:opera_browser:9.0:beta1:*:*:*:*:*:*
- cpe:2.3:a:opera:opera_browser:9.0:beta2:*:*:*:*:*:*
- cpe:2.3:a:opera:opera_browser:9.01:*:*:*:*:*:*:*
- cpe:2.3:a:opera:opera_browser:9.02:*:*:*:*:*:*:*
- cpe:2.3:a:opera:opera_browser:9.10:*:*:*:*:*:*:*
- cpe:2.3:a:opera:opera_browser:9.12:*:*:*:*:*:*:*
- cpe:2.3:a:opera:opera_browser:9.20:*:*:*:*:*:*:*
- cpe:2.3:a:opera:opera_browser:9.20:beta1:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
10- www.hardened-php.net/advisory_032007.142.htmlnvdPatchVendor Advisory
- secunia.com/advisories/24312nvdVendor Advisory
- secunia.com/advisories/25027nvdVendor Advisory
- www.vupen.com/english/advisories/2007/0745nvdVendor Advisory
- osvdb.org/32118nvd
- www.novell.com/linux/security/advisories/2007_28_opera.htmlnvd
- www.opera.com/support/search/view/855/nvd
- www.securityfocus.com/archive/1/461076/100/0/threadednvd
- www.securityfocus.com/bid/22701nvd
- www.securitytracker.com/idnvd
News mentions
0No linked articles in our index yet.