Lucene search
HistoryDec 19, 2008 - 4:30 p.m.
CVE-2008-5681
cve-2008-5681
opera
security vulnerability
feed preview
remote attackers
scripted urls
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
6.5 Medium
AI Score
Confidence
Low
0.005 Low
EPSS
Percentile
76.3%
Opera before 9.63 does not block unspecified “scripted URLs” during the feed preview, which allows remote attackers to read existing subscriptions and force subscriptions to arbitrary feed URLs.
Affected configurations
Node
operaopera_browserRange≤9.62
ORoperaopera_browserMatch1.00
ORoperaopera_browserMatch2.00
ORoperaopera_browserMatch2.10
ORoperaopera_browserMatch2.10beta1
ORoperaopera_browserMatch2.10beta2
ORoperaopera_browserMatch2.10beta3
ORoperaopera_browserMatch2.12
ORoperaopera_browserMatch3.00
ORoperaopera_browserMatch3.00beta
ORoperaopera_browserMatch3.10
ORoperaopera_browserMatch3.21
ORoperaopera_browserMatch3.50
ORoperaopera_browserMatch3.51
ORoperaopera_browserMatch3.60
ORoperaopera_browserMatch3.61
ORoperaopera_browserMatch3.62
ORoperaopera_browserMatch3.62beta
ORoperaopera_browserMatch4.00
ORoperaopera_browserMatch4.00beta2
ORoperaopera_browserMatch4.00beta3
ORoperaopera_browserMatch4.00beta4
ORoperaopera_browserMatch4.00beta5
ORoperaopera_browserMatch4.00beta6
ORoperaopera_browserMatch4.01
ORoperaopera_browserMatch4.02
ORoperaopera_browserMatch5.0
ORoperaopera_browserMatch5.0beta2
ORoperaopera_browserMatch5.0beta3
ORoperaopera_browserMatch5.0beta4
ORoperaopera_browserMatch5.0beta5
ORoperaopera_browserMatch5.0beta6
ORoperaopera_browserMatch5.0beta7
ORoperaopera_browserMatch5.0beta8
ORoperaopera_browserMatch5.02
ORoperaopera_browserMatch5.10
ORoperaopera_browserMatch5.11
ORoperaopera_browserMatch5.12
ORoperaopera_browserMatch6.0
ORoperaopera_browserMatch6.0beta1
ORoperaopera_browserMatch6.0beta2
ORoperaopera_browserMatch6.0tp1
ORoperaopera_browserMatch6.0tp2
ORoperaopera_browserMatch6.0tp3
ORoperaopera_browserMatch6.1
ORoperaopera_browserMatch6.01
ORoperaopera_browserMatch6.1beta1
ORoperaopera_browserMatch6.02
ORoperaopera_browserMatch6.03
ORoperaopera_browserMatch6.04
ORoperaopera_browserMatch6.05
ORoperaopera_browserMatch6.06
ORoperaopera_browserMatch6.11
ORoperaopera_browserMatch6.12
ORoperaopera_browserMatch7.0
ORoperaopera_browserMatch7.0beta1
ORoperaopera_browserMatch7.0beta1_v2
ORoperaopera_browserMatch7.0beta2
ORoperaopera_browserMatch7.01
ORoperaopera_browserMatch7.02
ORoperaopera_browserMatch7.03
ORoperaopera_browserMatch7.10
ORoperaopera_browserMatch7.10beta1
ORoperaopera_browserMatch7.11
ORoperaopera_browserMatch7.11beta2
ORoperaopera_browserMatch7.20
ORoperaopera_browserMatch7.20beta7
ORoperaopera_browserMatch7.21
ORoperaopera_browserMatch7.22
ORoperaopera_browserMatch7.23
ORoperaopera_browserMatch7.50
ORoperaopera_browserMatch7.50beta1
ORoperaopera_browserMatch7.51
ORoperaopera_browserMatch7.52
ORoperaopera_browserMatch7.53
ORoperaopera_browserMatch7.54
ORoperaopera_browserMatch7.54update1
ORoperaopera_browserMatch7.54update2
ORoperaopera_browserMatch7.60
ORoperaopera_browserMatch8.0
ORoperaopera_browserMatch8.0beta1
ORoperaopera_browserMatch8.0beta2
ORoperaopera_browserMatch8.0beta3
ORoperaopera_browserMatch8.01
ORoperaopera_browserMatch8.02
ORoperaopera_browserMatch8.50
ORoperaopera_browserMatch8.51
ORoperaopera_browserMatch8.52
ORoperaopera_browserMatch8.53
ORoperaopera_browserMatch8.54
ORoperaopera_browserMatch9.0
ORoperaopera_browserMatch9.0beta1
ORoperaopera_browserMatch9.0beta2
ORoperaopera_browserMatch9.01
ORoperaopera_browserMatch9.02
ORoperaopera_browserMatch9.10
ORoperaopera_browserMatch9.12
ORoperaopera_browserMatch9.20
ORoperaopera_browserMatch9.20beta1
ORoperaopera_browserMatch9.21
ORoperaopera_browserMatch9.22
ORoperaopera_browserMatch9.23
ORoperaopera_browserMatch9.24
ORoperaopera_browserMatch9.25
ORoperaopera_browserMatch9.26
ORoperaopera_browserMatch9.27
ORoperaopera_browserMatch9.50
ORoperaopera_browserMatch9.50beta1
ORoperaopera_browserMatch9.50beta2
ORoperaopera_browserMatch9.51
ORoperaopera_browserMatch9.52
ORoperaopera_browserMatch9.60
ORoperaopera_browserMatch9.60beta1
ORoperaopera_browserMatch9.61
Related
nvd
nvd
CVE-2008-5681
2008-12-19 16:30:00
cvelist
cvelist
CVE-2008-5681
2008-12-19 16:09:00
prion
prion
Design/Logic Flaw
2008-12-19 16:30:00
openvas
openvas
Opera Web Browser Multiple Vulnerabilities (Dec 2008) - Windows
2008-12-26 00:00:00
Opera Web Browser Multiple Vulnerabilities (Dec 2008) - Linux
2008-12-26 00:00:00
Opera Web Browser Multiple Vulnerabilities - Dec08 (Linux)
2008-12-26 00:00:00
nessus
nessus
GLSA-200903-30 : Opera: Multiple vulnerabilities
2009-03-17 00:00:00
gentoo
gentoo
Opera: Multiple vulnerabilities
2009-03-16 00:00:00
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
6.5 Medium
AI Score
Confidence
Low
0.005 Low
EPSS
Percentile
76.3%
Related for CVE-2008-5681