Lucene search
HistoryJan 12, 2005 - 5:00 a.m.
CVE-2005-0456
cve-2005-0456
opera
data url
security vulnerability
code execution
6.6 Medium
AI Score
Confidence
Low
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
0.01 Low
EPSS
Percentile
83.6%
Opera 7.54 and earlier does not properly validate base64 encoded binary data in a data: (RFC 2397) URL, which causes the URL to be obscured in a download dialog, which may allow remote attackers to trick users into executing arbitrary code.
| CPE | Name | Operator | Version |
|---|---|---|---|
| opera:opera_browser | opera opera browser | le | 7.54 |
References
Social References
More
Related
freebsd
freebsd
opera -- "data:" URI handler spoofing vulnerability
2005-01-12 00:00:00
nessus
nessus
FreeBSD : opera -- 'data:' URI handler spoofing vulnerability (20c9bb14-81e6-11d9-a9e7-0001020eed82)
2005-07-13 00:00:00
SUSE-SA:2005:031: opera
2005-07-20 00:00:00
GLSA-200502-17 : Opera: Multiple vulnerabilities
2005-02-15 00:00:00
openvas
openvas
FreeBSD Ports: opera, opera-devel, linux-opera
2008-09-04 00:00:00
FreeBSD Ports: opera, opera-devel, linux-opera
2008-09-04 00:00:00
Gentoo Security Advisory GLSA 200502-17 (Opera)
2008-09-24 00:00:00
cert
cert
Opera may insecurely execute binary data encoded in a URI
2005-01-20 00:00:00
cvelist
cvelist
CVE-2005-0456
2005-02-17 05:00:00
suse
suse
phishing problems in opera
2005-06-15 12:18:58
gentoo
gentoo
Opera: Multiple vulnerabilities
2005-02-14 00:00:00
6.6 Medium
AI Score
Confidence
Low
5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
0.01 Low
EPSS
Percentile
83.6%
Related for CVE-2005-0456