CVE-2004-1491

Опубликовано: 31 дек. 2004

Источник: nvd

CVSS2: 5

EPSS Средний

Описание

Opera 7.54 and earlier uses kfmclient exec to handle unknown MIME types, which allows remote attackers to execute arbitrary code via a shortcut or launcher that contains an Exec entry.

Ссылки

http://lists.suse.com/archive/suse-security-announce/2005-Mar/0007.html
Third Party Advisory
Vendor Advisory
http://secunia.com/advisories/13447/
Broken Link
Patch
http://www.gentoo.org/security/en/glsa/glsa-200502-17.xml
Patch
Third Party Advisory
Vendor Advisory
http://www.opera.com/linux/changelogs/754u2/
Broken Link
http://www.securityfocus.com/bid/11901
Broken Link
Patch
Third Party Advisory
VDB Entry
http://www.zone-h.org/advisories/read/id=6503
Third Party Advisory
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/18457
Third Party Advisory
VDB Entry
http://lists.suse.com/archive/suse-security-announce/2005-Mar/0007.html
Third Party Advisory
Vendor Advisory
http://secunia.com/advisories/13447/
Broken Link
Patch
http://www.gentoo.org/security/en/glsa/glsa-200502-17.xml
Patch
Third Party Advisory
Vendor Advisory
http://www.opera.com/linux/changelogs/754u2/
Broken Link
http://www.securityfocus.com/bid/11901
Broken Link
Patch
Third Party Advisory
VDB Entry
http://www.zone-h.org/advisories/read/id=6503
Third Party Advisory
Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/18457
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:opera:opera_browser:*:*:*:*:*:*:*:*

Версия до 7.54 (включая)

Конфигурация 2

Одно из

cpe:2.3:o:gentoo:linux:*:*:*:*:*:*:*:*

cpe:2.3:o:kde:kde:3.2.3:*:*:*:*:*:*:*

cpe:2.3:o:suse:suse_linux:1.0:*:*:*:*:*:*:*

cpe:2.3:o:suse:suse_linux:2.0:*:*:*:*:*:*:*

cpe:2.3:o:suse:suse_linux:3.0:*:*:*:*:*:*:*

cpe:2.3:o:suse:suse_linux:4.0:*:*:*:*:*:*:*

cpe:2.3:o:suse:suse_linux:4.2:*:*:*:*:*:*:*

cpe:2.3:o:suse:suse_linux:4.3:*:*:*:*:*:*:*

cpe:2.3:o:suse:suse_linux:4.4:*:*:*:*:*:*:*

cpe:2.3:o:suse:suse_linux:4.4.1:*:*:*:*:*:*:*

cpe:2.3:o:suse:suse_linux:5.0:*:*:*:*:*:*:*

cpe:2.3:o:suse:suse_linux:5.1:*:*:*:*:*:*:*

cpe:2.3:o:suse:suse_linux:5.2:*:*:*:*:*:*:*

cpe:2.3:o:suse:suse_linux:5.3:*:*:*:*:*:*:*

cpe:2.3:o:suse:suse_linux:6.0:*:*:*:*:*:*:*

cpe:2.3:o:suse:suse_linux:6.1:*:*:*:*:*:*:*

cpe:2.3:o:suse:suse_linux:6.1:alpha:*:*:*:*:*:*

cpe:2.3:o:suse:suse_linux:6.2:*:*:*:*:*:*:*

cpe:2.3:o:suse:suse_linux:6.3:*:*:*:*:*:*:*

cpe:2.3:o:suse:suse_linux:6.3:alpha:*:*:*:*:*:*

cpe:2.3:o:suse:suse_linux:6.4:*:*:*:*:*:*:*

cpe:2.3:o:suse:suse_linux:6.4:alpha:*:*:*:*:*:*

cpe:2.3:o:suse:suse_linux:7.0:*:*:*:*:*:*:*

cpe:2.3:o:suse:suse_linux:7.0:alpha:*:*:*:*:*:*

cpe:2.3:o:suse:suse_linux:7.1:*:*:*:*:*:*:*

cpe:2.3:o:suse:suse_linux:7.1:alpha:*:*:*:*:*:*

cpe:2.3:o:suse:suse_linux:7.2:*:*:*:*:*:*:*

cpe:2.3:o:suse:suse_linux:7.3:*:*:*:*:*:*:*

cpe:2.3:o:suse:suse_linux:8.0:*:*:*:*:*:*:*

cpe:2.3:o:suse:suse_linux:8.1:*:*:*:*:*:*:*

cpe:2.3:o:suse:suse_linux:8.2:*:*:*:*:*:*:*

cpe:2.3:o:suse:suse_linux:9.0:*:*:*:*:*:*:*

cpe:2.3:o:suse:suse_linux:9.1:*:*:*:*:*:*:*

cpe:2.3:o:suse:suse_linux:9.2:*:*:*:*:*:*:*

EPSS

Процентиль: 96%

0.2586

Средний

5 Medium

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

GHSA-2hfm-w8q2-965h

github

почти 4 года назад