Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-4199

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2008-4199
Last Modified 01 Feb 2011 01:03:02
Published 27 Sep 2008 06:30:03
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-4199

Summary

Opera before 9.52 does not prevent use of links from web pages to feed source files on the local disk, which might allow remote attackers to determine the validity of local filenames via vectors involving "detection of JavaScript events and appropriate manipulation."

Vulnerable Systems

Application

  • Opera Browser 5.0

  • Opera Browser 5.02

  • Opera Browser 5.10

  • Opera Browser 5.11

  • Opera Browser 5.12

  • Opera Browser 6.0

  • Opera Browser 6.01

  • Opera Browser 6.02

  • Opera Browser 6.03

  • Opera Browser 6.04

  • Opera Browser 6.05

  • Opera Browser 6.06

  • Opera Browser 6.1

  • Opera Browser 6.11

  • Opera Browser 6.12

  • Opera Browser 7.0

  • Opera Browser 7.01

  • Opera Browser 7.02

  • Opera Browser 7.03

  • Opera Browser 7.10

  • Opera Browser 7.11

  • Opera Browser 7.20

  • Opera Browser 7.21

  • Opera Browser 7.22

  • Opera Browser 7.23

  • Opera Browser 7.50

  • Opera Browser 7.51

  • Opera Browser 7.52

  • Opera Browser 7.53

  • Opera Browser 7.54

  • Opera Browser 7.60

  • Opera Browser 8.0

  • Opera Browser 8.01

  • Opera Browser 8.02

  • Opera Browser 8.50

  • Opera Browser 8.51

  • Opera Browser 8.52

  • Opera Browser 8.53

  • Opera Browser 8.54

  • Opera Browser 9.0

  • Opera Browser 9.01

  • Opera Browser 9.02

  • Opera Browser 9.10

  • Opera Browser 9.12

  • Opera Browser 9.20

  • Opera Browser 9.21

  • Opera Browser 9.22

  • Opera Browser 9.23

  • Opera Browser 9.24

  • Opera Browser 9.25

  • Opera Browser 9.26

  • Opera Browser 9.27

  • Opera Browser 9.50

  • Opera Browser 9.51


References

XF - opera-feedsource-info-disclosure(44557)

VUPEN - ADV-2008-2416

BID - 30768

CONFIRM - http://www.opera.com/support/search/view/896/

CONFIRM - http://www.opera.com/docs/changelogs/windows/952/

CONFIRM - http://www.opera.com/docs/changelogs/solaris/952/

CONFIRM - http://www.opera.com/docs/changelogs/mac/952/

CONFIRM - http://www.opera.com/docs/changelogs/linux/952/

CONFIRM - http://www.opera.com/docs/changelogs/freebsd/952/

MLIST - [oss-security] 20080923 Re: CVE request: Opera < 9.52 multiple vulnerabilities

MLIST - [oss-security] 20080919 CVE request: Opera < 9.52 multiple vulnerabilities

SECTRACK - 1020722

GENTOO - GLSA-200811-01

SECUNIA - 32538

SECUNIA - 31549

CONFIRM - http://bugs.gentoo.org/show_bug.cgi?id=235298


Last Updated: 27 May 2016 10:48:25