漏洞标题
N/A
漏洞描述信息
在Android上的 Opera 37.0.2192.105088 中,阿拉伯语、希伯来语等语言字符从右到左的顺序显示。由于处理了一些 Unicode 字符(如 U+FE70、U+0622、U+0623 等),以及这些字符的渲染方式(第一个强字符),如 IP 地址或字母等,可能导致一个被伪造的 URL。注意到,将中性字符(如 "/" 和 "?")放在 filepath 中,可以使 URL 从右到左翻转并显示。然而,为了让 URL 被伪造,URL 必须由 IP 地址 followed by 中性字符开始,因为 omnibox 认为 IP 地址是标点符号和数字的组合。由于 LTR (Left To Right) 方向未被正确执行,这导致整个 URL 被处理和从 RTL (Right To Left) 显示。然而,它并不需要是 IP 地址,重要的是 URL 中的第一个强字符(一般,字母字符)必须是 RTL 字符。
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
漏洞类别
N/A
漏洞标题
N/A
漏洞描述信息
Characters from languages are such as Arabic, Hebrew are displayed from RTL (Right To Left) order in Opera 37.0.2192.105088 for Android, due to mishandling of several unicode characters such as U+FE70, U+0622, U+0623 etc and how they are rendered combined with (first strong character) such as an IP address or alphabet could lead to a spoofed URL. It was noticed that by placing neutral characters such as "/", "?" in filepath causes the URL to be flipped and displayed from Right To Left. However, in order for the URL to be spoofed the URL must begin with an IP address followed by neutral characters as omnibox considers IP address to be combination of punctuation and numbers and since LTR (Left To Right) direction is not properly enforced, this causes the entire URL to be treated and rendered from RTL (Right To Left). However, it doesn't have be an IP address, what matters is that first strong character (generally, alphabetic character) in the URL must be an RTL character.
CVSS信息
N/A
漏洞类别
N/A
漏洞标题
Opera 安全漏洞
漏洞描述信息
Opera是挪威欧朋(Opera Software)公司所开发的一款Web浏览器,它支持多窗口浏览、可定制用户界面等。 基于Android系统的Opera 37.0.2192.105088版本中存在安全漏洞,该漏洞源于程序没有正确处理统一码字符。攻击者可利用该漏洞实施钓鱼攻击。
CVSS信息
N/A
漏洞类别
授权问题