CVE-2004-2570

Опубликовано: 31 дек. 2004

Источник: nvd

CVSS2: 5

EPSS Низкий

Описание

Opera before 7.54 allows remote attackers to modify properties and methods of the location object and execute Javascript to read arbitrary files from the client's local filesystem or display a false URL to the user.

Ссылки

http://archives.neohapsis.com/archives/fulldisclosure/2004-08/0131.html
Broken Link
http://osvdb.org/8331
Broken Link
http://secunia.com/advisories/12233
Broken Link
Patch
Vendor Advisory
http://www.gentoo.org/security/en/glsa/glsa-200408-05.xml
Patch
Third Party Advisory
http://www.greymagic.com/security/advisories/gm008-op/
Broken Link
Exploit
Vendor Advisory
http://www.opera.com/docs/changelogs/windows/754/
Broken Link
Patch
http://www.securityfocus.com/bid/10873
Broken Link
Patch
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/16904
Third Party Advisory
VDB Entry
http://archives.neohapsis.com/archives/fulldisclosure/2004-08/0131.html
Broken Link
http://osvdb.org/8331
Broken Link
http://secunia.com/advisories/12233
Broken Link
Patch
Vendor Advisory
http://www.gentoo.org/security/en/glsa/glsa-200408-05.xml
Patch
Third Party Advisory
http://www.greymagic.com/security/advisories/gm008-op/
Broken Link
Exploit
Vendor Advisory
http://www.opera.com/docs/changelogs/windows/754/
Broken Link
Patch
http://www.securityfocus.com/bid/10873
Broken Link
Patch
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/16904
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:opera:opera_browser:*:*:*:*:*:*:*:*

Версия до 7.54 (исключая)

EPSS

Процентиль: 75%

0.00874

Низкий

5 Medium

CVSS2

Дефекты

CWE-74

Связанные уязвимости

GHSA-cjpf-wj6v-f529

github

почти 4 года назад