Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-4197

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2008-4197
Last Modified 01 Sep 2009 01:20:13
Published 27 Sep 2008 06:30:03
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-4197

Summary

Opera before 9.52 on Windows, Linux, FreeBSD, and Solaris, when processing custom shortcut and menu commands, can produce argument strings that contain uninitialized memory, which might allow user-assisted remote attackers to execute arbitrary code or conduct other attacks via vectors related to activation of a shortcut.

Vulnerable Systems

Application

  • Opera Browser 9.51


References

XF - opera-shortcuts-code-execution(44552)

VUPEN - ADV-2008-2416

SECTRACK - 1020720

BID - 30768

CONFIRM - http://www.opera.com/support/search/view/894/

CONFIRM - http://www.opera.com/docs/changelogs/windows/952/

CONFIRM - http://www.opera.com/docs/changelogs/solaris/952/

CONFIRM - http://www.opera.com/docs/changelogs/linux/952/

CONFIRM - http://www.opera.com/docs/changelogs/freebsd/952/

MLIST - [oss-security] 20080923 Re: CVE request: Opera < 9.52 multiple vulnerabilities

MLIST - [oss-security] 20080919 CVE request: Opera < 9.52 multiple vulnerabilities

GENTOO - GLSA-200811-01

SECUNIA - 32538

SECUNIA - 31549

CONFIRM - http://bugs.gentoo.org/show_bug.cgi?id=235298


Last Updated: 27 May 2016 10:48:25