Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-4200

Overview

Vulnerability Score 6.4 6.4
CVE Id CVE-2008-4200
Last Modified 01 Feb 2011 01:01:19
Published 27 Sep 2008 06:30:03
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2008-4200

Summary

Opera before 9.52 does not ensure that the address field of a news feed represents the feed's actual URL, which allows remote attackers to change this field to display the URL of a page containing web script controlled by the attacker.

Vulnerable Systems

Application

  • Opera Browser 5.0

  • Opera Browser 5.02

  • Opera Browser 5.10

  • Opera Browser 5.11

  • Opera Browser 5.12

  • Opera Browser 6.0

  • Opera Browser 6.01

  • Opera Browser 6.02

  • Opera Browser 6.03

  • Opera Browser 6.04

  • Opera Browser 6.05

  • Opera Browser 6.06

  • Opera Browser 6.1

  • Opera Browser 6.11

  • Opera Browser 6.12

  • Opera Browser 7.0

  • Opera Browser 7.01

  • Opera Browser 7.02

  • Opera Browser 7.03

  • Opera Browser 7.10

  • Opera Browser 7.11

  • Opera Browser 7.20

  • Opera Browser 7.21

  • Opera Browser 7.22

  • Opera Browser 7.23

  • Opera Browser 7.50

  • Opera Browser 7.51

  • Opera Browser 7.52

  • Opera Browser 7.53

  • Opera Browser 7.54

  • Opera Browser 7.60

  • Opera Browser 8.0

  • Opera Browser 8.01

  • Opera Browser 8.02

  • Opera Browser 8.50

  • Opera Browser 8.51

  • Opera Browser 8.52

  • Opera Browser 8.53

  • Opera Browser 8.54

  • Opera Browser 9.0

  • Opera Browser 9.01

  • Opera Browser 9.02

  • Opera Browser 9.10

  • Opera Browser 9.12

  • Opera Browser 9.20

  • Opera Browser 9.21

  • Opera Browser 9.22

  • Opera Browser 9.23

  • Opera Browser 9.24

  • Opera Browser 9.25

  • Opera Browser 9.26

  • Opera Browser 9.27

  • Opera Browser 9.50

  • Opera Browser 9.51


References

CONFIRM - http://www.opera.com/support/search/view/897/

CONFIRM - http://www.opera.com/docs/changelogs/windows/952/

CONFIRM - http://www.opera.com/docs/changelogs/solaris/952/

CONFIRM - http://www.opera.com/docs/changelogs/mac/952/

CONFIRM - http://www.opera.com/docs/changelogs/linux/952/

CONFIRM - http://www.opera.com/docs/changelogs/freebsd/952/

XF - opera-newsfeed-weak-security(44559)

VUPEN - ADV-2008-2416

SECTRACK - 1020723

BID - 30768

MLIST - [oss-security] 20080923 Re: CVE request: Opera < 9.52 multiple vulnerabilities

MLIST - [oss-security] 20080919 CVE request: Opera < 9.52 multiple vulnerabilities

GENTOO - GLSA-200811-01

SECUNIA - 32538

SECUNIA - 31549

CONFIRM - http://bugs.gentoo.org/show_bug.cgi?id=235298


Last Updated: 27 May 2016 10:48:25