CVE-2004-2570
5
CVSS Score
Medium
Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N
Link copied!
Description
Opera before 7.54 allows remote attackers to modify properties and methods of the location object and execute Javascript to read arbitrary files from the client's local filesystem or display a false URL to the user.
CVSS Vector Details
Attack Vector
Network
Attack Complexity
Low
Confidentiality
None
Integrity
P
Availability
None
Affected Software Configurations
- a opera opera_browser * * * * * * * *
Weaknesses (CWE)
- CWE-74
References & External Links
- http://archives.neohapsis.com/archives/fulldisclosure/2004-08/0131.html
- http://osvdb.org/8331
- http://secunia.com/advisories/12233
- http://www.gentoo.org/security/en/glsa/glsa-200408-05.xml
- http://www.greymagic.com/security/advisories/gm008-op/
- http://www.opera.com/docs/changelogs/windows/754/
- http://www.securityfocus.com/bid/10873
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16904
- http://archives.neohapsis.com/archives/fulldisclosure/2004-08/0131.html
- http://osvdb.org/8331
- http://secunia.com/advisories/12233
- http://www.gentoo.org/security/en/glsa/glsa-200408-05.xml
- http://www.greymagic.com/security/advisories/gm008-op/
- http://www.opera.com/docs/changelogs/windows/754/
- http://www.securityfocus.com/bid/10873
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16904