Lucene search

[email protected]CVE-2004-0473

HistoryJul 07, 2004 - 4:00 a.m.

CVE-2004-0473

2004-07-0704:00:00

CWE-88

[email protected]

web.nvd.nist.gov

security

vulnerability

opera

argument injection

remote attackers

telnet uri

overwrite files

2.6 Low

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:N/C:N/I:P/A:N

7 High

AI Score

Confidence

Low

0.711 High

EPSS

Percentile

98.1%

JSON

Argument injection vulnerability in Opera before 7.50 does not properly filter “-” characters that begin a hostname in a telnet URI, which allows remote attackers to insert options to the resulting command line and overwrite arbitrary files via (1) the “-f” option on Windows XP or (2) the “-n” option on Linux.

Affected configurations

NVD

Node

operaopera_browserRange<7.50

CPENameOperatorVersion
opera:opera_browseropera opera browserlt7.50

CPE	Name	Operator	Version
opera:opera_browser	opera opera browser	lt	7.50

References

security.gentoo.org/glsa/glsa-200405-19.xml

securitytracker.com/id?1010142

www.idefense.com/application/poi/display?id=104&type=vulnerabilities

www.opera.com/linux/changelogs/750/index.dml

www.securityfocus.com/bid/10341

exchange.xforce.ibmcloud.com/vulnerabilities/16139

2.6 Low

CVSS2

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:N/C:N/I:P/A:N

7 High

AI Score

Confidence

Low

0.711 High

EPSS

Percentile

98.1%

JSON

Related for CVE-2004-0473

openvas2 cvelist1 gentoo1 nvd1 nessus2 checkpoint_advisories1