Denial of Service Vulnerability in Opera 6.0.3 with Squid Proxy
CVE-2002-2414

Currently unrated

Key Information:

Vendor: Opera Software
Status: Opera; Squid
Vendor: CVE Published:; 31 December 2002

🔔 Create Opera Software Vulnerability Alert

What is CVE-2002-2414?

A vulnerability exists in Opera 6.0.3 when using Squid 2.4 for HTTPS proxying, which fails to correctly handle non-global certificate authority certificates. This oversight allows remote attackers to exploit the flaw, leading to a denial of service situation where the application may crash upon establishing an HTTPS connection. Users relying on this setup should be aware of the risk and consider upgrading to a more secure version.

References

http://marc.info/?l=full-disclosure&m=103783186608438&w=2

mailing-listx_refsource_FULLDISC

http://www.securityfocus.com/bid/6218

vdb-entryx_refsource_BID

http://www.iss.net/security_center/static/10673.php

vdb-entryx_refsource_XF

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Nov 1, 2007
Vulnerability published
Dec 31, 2002