CVE-2009-2068

Severity Score

5.8

*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

Google Chrome detects http content in https web pages only when the top-level frame uses https, which allows man-in-the-middle attackers to execute arbitrary web script, in an https site's context, by modifying an http page to include an https iframe that references a script file on an http site, related to "HTTP-Intended-but-HTTPS-Loadable (HPIHSL) pages."

Google Chrome detecta contenido http en páginas https únicamente cuando el marco (frame) de nivel superior usa https, lo que permite a atacantes "hombre-en-medio" (man-in-the-middle o MITM) ejecutar secuencias de comandos web de su elección, en un contexto de sitio https, modificando una página http para incluir un iframe https que referencia al archivo en un sitio http con la secuencia de comandos. Relacionado con "Páginas HTTP-Intended-but-HTTPS-Loadable (HPIHSL) pages."

*Credits: N/A

CVSS Scores

NISTv2 5.8

Attack Vector

Network

Attack Complexity

Medium

Authentication

None

Confidentiality

Partial

Integrity

Partial

Availability

None

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2009-06-15 CVE Reserved
2009-06-15 CVE Published
2024-08-07 CVE Updated
2024-11-18 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date
---------- First Exploit

CWE

CWE-287: Improper Authentication

CAPEC

References (3)

URL	Tag	Source
http://research.microsoft.com/apps/pubs/default.aspx?id=79323	X_refsource_misc
http://research.microsoft.com/pubs/79323/pbp-final-with-update.pdf	X_refsource_misc
https://exchange.xforce.ibmcloud.com/vulnerabilities/51192	Vdb Entry

URL	Date	SRC

URL	Date	SRC

URL	Date	SRC

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Opera Search vendor "Opera"		Opera Search vendor "Opera" for product "Opera"				5..10 Search vendor "Opera" for product "Opera" and version "5..10"		-		Affected
Opera Search vendor "Opera"		Opera Search vendor "Opera" for product "Opera"				5.0 Search vendor "Opera" for product "Opera" and version "5.0"		-		Affected
Opera Search vendor "Opera"		Opera Search vendor "Opera" for product "Opera"				5.0 Search vendor "Opera" for product "Opera" and version "5.0"		beta_2		Affected
Opera Search vendor "Opera"		Opera Search vendor "Opera" for product "Opera"				5.0 Search vendor "Opera" for product "Opera" and version "5.0"		beta_3		Affected
Opera Search vendor "Opera"		Opera Search vendor "Opera" for product "Opera"				5.0 Search vendor "Opera" for product "Opera" and version "5.0"		beta_4		Affected
Opera Search vendor "Opera"		Opera Search vendor "Opera" for product "Opera"				5.0 Search vendor "Opera" for product "Opera" and version "5.0"		beta_5		Affected
Opera Search vendor "Opera"		Opera Search vendor "Opera" for product "Opera"				5.0 Search vendor "Opera" for product "Opera" and version "5.0"		beta_6		Affected
Opera Search vendor "Opera"		Opera Search vendor "Opera" for product "Opera"				5.0 Search vendor "Opera" for product "Opera" and version "5.0"		beta_7		Affected
Opera Search vendor "Opera"		Opera Search vendor "Opera" for product "Opera"				5.0 Search vendor "Opera" for product "Opera" and version "5.0"		beta_8		Affected
Opera Search vendor "Opera"		Opera Search vendor "Opera" for product "Opera"				5.1 Search vendor "Opera" for product "Opera" and version "5.1"		-		Affected
Opera Search vendor "Opera"		Opera Search vendor "Opera" for product "Opera"				5.02 Search vendor "Opera" for product "Opera" and version "5.02"		-		Affected
Opera Search vendor "Opera"		Opera Search vendor "Opera" for product "Opera"				5.2 Search vendor "Opera" for product "Opera" and version "5.2"		-		Affected
Opera Search vendor "Opera"		Opera Search vendor "Opera" for product "Opera"				5.3 Search vendor "Opera" for product "Opera" and version "5.3"		-		Affected
Opera Search vendor "Opera"		Opera Search vendor "Opera" for product "Opera"				5.4 Search vendor "Opera" for product "Opera" and version "5.4"		-		Affected
Opera Search vendor "Opera"		Opera Search vendor "Opera" for product "Opera"				5.5 Search vendor "Opera" for product "Opera" and version "5.5"		-		Affected
Opera Search vendor "Opera"		Opera Search vendor "Opera" for product "Opera"				5.6 Search vendor "Opera" for product "Opera" and version "5.6"		-		Affected
Opera Search vendor "Opera"		Opera Search vendor "Opera" for product "Opera"				5.7 Search vendor "Opera" for product "Opera" and version "5.7"		-		Affected
Opera Search vendor "Opera"		Opera Search vendor "Opera" for product "Opera"				5.8 Search vendor "Opera" for product "Opera" and version "5.8"		-		Affected
Opera Search vendor "Opera"		Opera Search vendor "Opera" for product "Opera"				5.9 Search vendor "Opera" for product "Opera" and version "5.9"		-		Affected
Opera Search vendor "Opera"		Opera Search vendor "Opera" for product "Opera"				5.10 Search vendor "Opera" for product "Opera" and version "5.10"		-		Affected
Opera Search vendor "Opera"		Opera Search vendor "Opera" for product "Opera"				5.11 Search vendor "Opera" for product "Opera" and version "5.11"		-		Affected
Opera Search vendor "Opera"		Opera Search vendor "Opera" for product "Opera"				5.12 Search vendor "Opera" for product "Opera" and version "5.12"		-		Affected
Opera Search vendor "Opera"		Opera Search vendor "Opera" for product "Opera"				6 Search vendor "Opera" for product "Opera" and version "6"		beta_1		Affected
Opera Search vendor "Opera"		Opera Search vendor "Opera" for product "Opera"				6.0 Search vendor "Opera" for product "Opera" and version "6.0"		-		Affected
Opera Search vendor "Opera"		Opera Search vendor "Opera" for product "Opera"				6.0 Search vendor "Opera" for product "Opera" and version "6.0"		beta_1		Affected
Opera Search vendor "Opera"		Opera Search vendor "Opera" for product "Opera"				6.0 Search vendor "Opera" for product "Opera" and version "6.0"		beta_2		Affected
Opera Search vendor "Opera"		Opera Search vendor "Opera" for product "Opera"				6.0 Search vendor "Opera" for product "Opera" and version "6.0"		beta_3		Affected
Opera Search vendor "Opera"		Opera Search vendor "Opera" for product "Opera"				6.1 Search vendor "Opera" for product "Opera" and version "6.1"		-		Affected
Opera Search vendor "Opera"		Opera Search vendor "Opera" for product "Opera"				6.01 Search vendor "Opera" for product "Opera" and version "6.01"		-		Affected
Opera Search vendor "Opera"		Opera Search vendor "Opera" for product "Opera"				6.02 Search vendor "Opera" for product "Opera" and version "6.02"		-		Affected
Opera Search vendor "Opera"		Opera Search vendor "Opera" for product "Opera"				6.03 Search vendor "Opera" for product "Opera" and version "6.03"		-		Affected
Opera Search vendor "Opera"		Opera Search vendor "Opera" for product "Opera"				6.04 Search vendor "Opera" for product "Opera" and version "6.04"		-		Affected
Opera Search vendor "Opera"		Opera Search vendor "Opera" for product "Opera"				6.05 Search vendor "Opera" for product "Opera" and version "6.05"		-		Affected
Opera Search vendor "Opera"		Opera Search vendor "Opera" for product "Opera"				6.06 Search vendor "Opera" for product "Opera" and version "6.06"		-		Affected
Opera Search vendor "Opera"		Opera Search vendor "Opera" for product "Opera"				6.11 Search vendor "Opera" for product "Opera" and version "6.11"		-		Affected
Opera Search vendor "Opera"		Opera Search vendor "Opera" for product "Opera"				6.12 Search vendor "Opera" for product "Opera" and version "6.12"		-		Affected
Opera Search vendor "Opera"		Opera Search vendor "Opera" for product "Opera"				7 Search vendor "Opera" for product "Opera" and version "7"		beta_1		Affected
Opera Search vendor "Opera"		Opera Search vendor "Opera" for product "Opera"				7.0 Search vendor "Opera" for product "Opera" and version "7.0"		-		Affected
Opera Search vendor "Opera"		Opera Search vendor "Opera" for product "Opera"				7.0 Search vendor "Opera" for product "Opera" and version "7.0"		beta_1		Affected
Opera Search vendor "Opera"		Opera Search vendor "Opera" for product "Opera"				7.0 Search vendor "Opera" for product "Opera" and version "7.0"		beta_1v2		Affected
Opera Search vendor "Opera"		Opera Search vendor "Opera" for product "Opera"				7.0 Search vendor "Opera" for product "Opera" and version "7.0"		beta_2		Affected
Opera Search vendor "Opera"		Opera Search vendor "Opera" for product "Opera"				7.01 Search vendor "Opera" for product "Opera" and version "7.01"		-		Affected
Opera Search vendor "Opera"		Opera Search vendor "Opera" for product "Opera"				7.02 Search vendor "Opera" for product "Opera" and version "7.02"		-		Affected
Opera Search vendor "Opera"		Opera Search vendor "Opera" for product "Opera"				7.03 Search vendor "Opera" for product "Opera" and version "7.03"		-		Affected
Opera Search vendor "Opera"		Opera Search vendor "Opera" for product "Opera"				7.10 Search vendor "Opera" for product "Opera" and version "7.10"		-		Affected
Opera Search vendor "Opera"		Opera Search vendor "Opera" for product "Opera"				7.11 Search vendor "Opera" for product "Opera" and version "7.11"		-		Affected
Opera Search vendor "Opera"		Opera Search vendor "Opera" for product "Opera"				7.20 Search vendor "Opera" for product "Opera" and version "7.20"		-		Affected
Opera Search vendor "Opera"		Opera Search vendor "Opera" for product "Opera"				7.20 Search vendor "Opera" for product "Opera" and version "7.20"		beta7		Affected
Opera Search vendor "Opera"		Opera Search vendor "Opera" for product "Opera"				7.21 Search vendor "Opera" for product "Opera" and version "7.21"		-		Affected
Opera Search vendor "Opera"		Opera Search vendor "Opera" for product "Opera"				7.22 Search vendor "Opera" for product "Opera" and version "7.22"		-		Affected
Opera Search vendor "Opera"		Opera Search vendor "Opera" for product "Opera"				7.23 Search vendor "Opera" for product "Opera" and version "7.23"		-		Affected
Opera Search vendor "Opera"		Opera Search vendor "Opera" for product "Opera"				7.30 Search vendor "Opera" for product "Opera" and version "7.30"		-		Affected
Opera Search vendor "Opera"		Opera Search vendor "Opera" for product "Opera"				7.50 Search vendor "Opera" for product "Opera" and version "7.50"		-		Affected
Opera Search vendor "Opera"		Opera Search vendor "Opera" for product "Opera"				7.50 Search vendor "Opera" for product "Opera" and version "7.50"		beta_1		Affected
Opera Search vendor "Opera"		Opera Search vendor "Opera" for product "Opera"				7.51 Search vendor "Opera" for product "Opera" and version "7.51"		-		Affected
Opera Search vendor "Opera"		Opera Search vendor "Opera" for product "Opera"				7.52 Search vendor "Opera" for product "Opera" and version "7.52"		-		Affected
Opera Search vendor "Opera"		Opera Search vendor "Opera" for product "Opera"				7.54 Search vendor "Opera" for product "Opera" and version "7.54"		-		Affected
Opera Search vendor "Opera"		Opera Search vendor "Opera" for product "Opera"				7.54 Search vendor "Opera" for product "Opera" and version "7.54"		update_1		Affected
Opera Search vendor "Opera"		Opera Search vendor "Opera" for product "Opera"				7.55 Search vendor "Opera" for product "Opera" and version "7.55"		-		Affected
Opera Search vendor "Opera"		Opera Search vendor "Opera" for product "Opera"				8.0 Search vendor "Opera" for product "Opera" and version "8.0"		-		Affected
Opera Search vendor "Opera"		Opera Search vendor "Opera" for product "Opera"				8.0 Search vendor "Opera" for product "Opera" and version "8.0"		beta_1		Affected
Opera Search vendor "Opera"		Opera Search vendor "Opera" for product "Opera"				8.0 Search vendor "Opera" for product "Opera" and version "8.0"		beta_2		Affected
Opera Search vendor "Opera"		Opera Search vendor "Opera" for product "Opera"				8.01 Search vendor "Opera" for product "Opera" and version "8.01"		-		Affected
Opera Search vendor "Opera"		Opera Search vendor "Opera" for product "Opera"				8.02 Search vendor "Opera" for product "Opera" and version "8.02"		-		Affected
Opera Search vendor "Opera"		Opera Search vendor "Opera" for product "Opera"				8.51 Search vendor "Opera" for product "Opera" and version "8.51"		-		Affected
Opera Search vendor "Opera"		Opera Search vendor "Opera" for product "Opera"				8.52 Search vendor "Opera" for product "Opera" and version "8.52"		-		Affected
Opera Search vendor "Opera"		Opera Search vendor "Opera" for product "Opera"				8.53 Search vendor "Opera" for product "Opera" and version "8.53"		-		Affected
Opera Search vendor "Opera"		Opera Search vendor "Opera" for product "Opera"				8.54 Search vendor "Opera" for product "Opera" and version "8.54"		-		Affected
Opera Search vendor "Opera"		Opera Search vendor "Opera" for product "Opera"				9.0 Search vendor "Opera" for product "Opera" and version "9.0"		beta_1		Affected
Opera Search vendor "Opera"		Opera Search vendor "Opera" for product "Opera"				9.01 Search vendor "Opera" for product "Opera" and version "9.01"		-		Affected
Opera Search vendor "Opera"		Opera Search vendor "Opera" for product "Opera"				9.02 Search vendor "Opera" for product "Opera" and version "9.02"		-		Affected
Opera Search vendor "Opera"		Opera Search vendor "Opera" for product "Opera"				9.10 Search vendor "Opera" for product "Opera" and version "9.10"		-		Affected
Opera Search vendor "Opera"		Opera Search vendor "Opera" for product "Opera"				9.20 Search vendor "Opera" for product "Opera" and version "9.20"		-		Affected
Opera Search vendor "Opera"		Opera Search vendor "Opera" for product "Opera"				9.21 Search vendor "Opera" for product "Opera" and version "9.21"		-		Affected
Opera Search vendor "Opera"		Opera Search vendor "Opera" for product "Opera"				9.23 Search vendor "Opera" for product "Opera" and version "9.23"		-		Affected