Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-4695

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2008-4695
Last Modified 07 Mar 2011 10:12:53
Published 23 Oct 2008 06:00:01
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-4695

Summary

Opera before 9.60 allows remote attackers to obtain sensitive information and have unspecified other impact by predicting the cache pathname of a cached Java applet and then launching this applet from the cache, leading to applet execution within the local-machine context.

Vulnerable Systems

Application

  • Opera 5.0

  • Opera 5.02

  • Opera 5.10

  • Opera 5.11

  • Opera 5.12

  • Opera 6.0

  • Opera 6.01

  • Opera 6.02

  • Opera 6.03

  • Opera 6.04

  • Opera 6.05

  • Opera 6.06

  • Opera 6.1

  • Opera 6.11

  • Opera 6.12

  • Opera 7.0

  • Opera 7.01

  • Opera 7.02

  • Opera 7.03

  • Opera 7.10

  • Opera 7.11

  • Opera 7.20

  • Opera 7.21

  • Opera 7.22

  • Opera 7.23

  • Opera 7.50

  • Opera 7.51

  • Opera 7.52

  • Opera 7.53

  • Opera 7.54

  • Opera 8.0

  • Opera 8.01

  • Opera 8.02

  • Opera 8.50

  • Opera 8.51

  • Opera 8.52

  • Opera 8.53

  • Opera 8.54

  • Opera 9.0

  • Opera 9.01

  • Opera 9.02

  • Opera 9.10

  • Opera 9.20

  • Opera 9.21

  • Opera 9.22

  • Opera 9.23

  • Opera 9.24

  • Opera 9.25

  • Opera 9.26

  • Opera 9.27

  • Opera 9.50

  • Opera 9.51

  • Opera 9.52

  • Opera 9.60


References

XF - opera-java-applets-information-disclosure(45723)

VUPEN - ADV-2008-2765

BID - 31643

CONFIRM - http://www.opera.com/support/search/view/902/

CONFIRM - http://www.opera.com/docs/changelogs/windows/960/

CONFIRM - http://www.opera.com/docs/changelogs/solaris/960/

CONFIRM - http://www.opera.com/docs/changelogs/mac/960/

CONFIRM - http://www.opera.com/docs/changelogs/linux/960/

CONFIRM - http://www.opera.com/docs/changelogs/freebsd/960/

MLIST - [oss-security] 20081022 Re: CVE Request: Opera 9.60 with security fixes

MLIST - [oss-security] 20081021 CVE Request: Opera 9.60 with security fixes

SECTRACK - 1021017

GENTOO - GLSA-200811-01

SECUNIA - 32538

SECUNIA - 32394

SECUNIA - 32177

SUSE - SUSE-SR:2008:022


Last Updated: 27 May 2016 10:48:36