CVE-2007-6524

2007-12-2420:46:00

CWE-200

[email protected]

web.nvd.nist.gov

cve-2007-6524

security vulnerability

opera

remote attack

memory contents

bmp file

nvd

6.1 Medium

AI Score

Confidence

Low

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:C/I:N/A:N

0.007 Low

EPSS

Percentile

80.8%

JSON

Opera before 9.25 allows remote attackers to obtain potentially sensitive memory contents via a crafted bitmap (BMP) file, as demonstrated using a CANVAS element and JavaScript in an HTML document for copying these contents from 9.50 beta, a related issue to CVE-2008-0420.

CPENameOperatorVersion
opera:opera_browseropera opera browsereq7.01
opera:opera_browseropera opera browsereq7.23
opera:opera_browseropera opera browsereq9.02
opera:opera_browseropera opera browsereq7.03
opera:opera_browseropera opera browsereq7.53
opera:opera_browseropera opera browsereq8.50
opera:opera_browseropera opera browsereq5.0
opera:opera_browseropera opera browsereq5.11
opera:opera_browseropera opera browsereq6.1
opera:opera_browseropera opera browsereq7.20

CPE	Name	Operator	Version
opera:opera_browser	opera opera browser	eq	7.01
opera:opera_browser	opera opera browser	eq	7.23
opera:opera_browser	opera opera browser	eq	9.02
opera:opera_browser	opera opera browser	eq	7.03
opera:opera_browser	opera opera browser	eq	7.53
opera:opera_browser	opera opera browser	eq	8.50
opera:opera_browser	opera opera browser	eq	5.0
opera:opera_browser	opera opera browser	eq	5.11
opera:opera_browser	opera opera browser	eq	6.1
opera:opera_browser	opera opera browser	eq	7.20