Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-4795

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2008-4795
Last Modified 26 Feb 2009 02:01:40
Published 30 Oct 2008 04:56:54
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-4795

Summary

The links panel in Opera before 9.62 processes Javascript within the context of the "outermost page" of a frame, which allows remote attackers to inject arbitrary web script or HTML via cross-site scripting (XSS) attacks.

Vulnerable Systems

Application

  • Opera 5..10

  • Opera 5.0

  • Opera 5.1

  • Opera 5.11

  • Opera 5.12

  • Opera 5.2

  • Opera 5.3

  • Opera 5.4

  • Opera 5.5

  • Opera 5.6

  • Opera 5.7

  • Opera 5.8

  • Opera 5.9

  • Opera 6

  • Opera 6.0

  • Opera 6.01

  • Opera 6.02

  • Opera 6.03

  • Opera 6.04

  • Opera 6.05

  • Opera 6.06

  • Opera 7

  • Opera 7.0

  • Opera 7.01

  • Opera 7.02

  • Opera 7.03

  • Opera 7.10

  • Opera 7.11

  • Opera 7.20

  • Opera 7.21

  • Opera 7.22

  • Opera 7.23

  • Opera 7.50

  • Opera 7.51

  • Opera 7.52

  • Opera 7.53

  • Opera 7.54

  • Opera 8.0

  • Opera 8.01

  • Opera 8.02

  • Opera 8.50

  • Opera 8.51

  • Opera 8.52

  • Opera 8.53

  • Opera 8.54

  • Opera 9.0

  • Opera 9.01

  • Opera 9.02

  • Opera 9.10

  • Opera 9.20

  • Opera 9.21

  • Opera 9.22

  • Opera 9.23

  • Opera 9.24

  • Opera 9.25

  • Opera 9.26

  • Opera 9.27

  • Opera 9.50

  • Opera 9.51

  • Opera 9.61


References

BID - 31991

XF - opera-linkspanel-xss(46220)

SECTRACK - 1021127

CONFIRM - http://www.opera.com/support/search/view/907/

GENTOO - GLSA-200811-01

SECUNIA - 32538

SUSE - SUSE-SR:2008:023


Last Updated: 27 May 2016 10:48:38