Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-1491

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2004-1491
Last Modified 05 Sep 2008 04:41:33
Published 31 Dec 2004 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-1491

Summary

Opera 7.54 and earlier uses kfmclient exec to handle unknown MIME types, which allows remote attackers to execute arbitrary code via a shortcut or launcher that contains an Exec entry.

Vulnerable Systems

Operating System

  • Gentoo Linux

  • Kde 3.2.3

  • Suse Linux 1.0

  • Suse Linux 2.0

  • Suse Linux 3.0

  • Suse Linux 4.0

  • Suse Linux 4.2

  • Suse Linux 4.3

  • Suse Linux 4.4

  • Suse Linux 4.4.1

  • Suse Linux 5.0

  • Suse Linux 5.1

  • Suse Linux 5.2

  • Suse Linux 5.3

  • Suse Linux 6.0

  • Suse Linux 6.1

  • Suse Linux 6.2

  • Suse Linux 6.3

  • Suse Linux 6.4

  • Suse Linux 7.0

  • Suse Linux 7.1

  • Suse Linux 7.2

  • Suse Linux 7.3

  • Suse Linux 8.0

  • Suse Linux 8.1

  • Suse Linux 8.2

  • Suse Linux 9.0

  • Suse Linux 9.1

  • Suse Linux 9.2

Application

  • Opera Software Opera Web Browser 7.54


References

BID - 11901

GENTOO - GLSA-200502-17

SECUNIA - 13447

XF - pera-kfmclient-command-execution(18457)

MISC - http://www.zone-h.org/advisories/read/id=6503

CONFIRM - http://www.opera.com/linux/changelogs/754u2/

SUSE - SUSE-SR:2005:008


Last Updated: 27 May 2016 10:39:04