exploitDog

CVE-2004-1489

Опубликовано: 31 дек. 2004

Источник: nvd

CVSS2: 2.6

EPSS Низкий

Описание

Opera 7.54 and earlier does not properly limit an applet's access to internal Java packages from Sun, which allows remote attackers to gain sensitive information, such as user names and the installation directory.

Ссылки

http://lists.grok.org.uk/pipermail/full-disclosure/2004-November/029044.html
Exploit
http://www.gentoo.org/security/en/glsa/glsa-200502-17.xml
Patch
Third Party Advisory
http://www.opera.com/linux/changelogs/754u1/
Broken Link
http://lists.grok.org.uk/pipermail/full-disclosure/2004-November/029044.html
Exploit
http://www.gentoo.org/security/en/glsa/glsa-200502-17.xml
Patch
Third Party Advisory
http://www.opera.com/linux/changelogs/754u1/
Broken Link

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:opera:opera_browser:*:*:*:*:*:*:*:*

Версия до 7.54 (включая)

EPSS

Процентиль: 61%

0.00408

Низкий

2.6 Low

CVSS2

Дефекты

CWE-668

Связанные уязвимости

GHSA-4rx2-jpv5-vjjg

github

почти 4 года назад

Opera 7.54 and earlier does not properly limit an applet's access to internal Java packages from Sun, which allows remote attackers to gain sensitive information, such as user names and the installation directory.

EPSS

Процентиль: 61%

0.00408

Низкий

2.6 Low

CVSS2

Дефекты

CWE-668