Lucene search
HistorySep 02, 2009 - 5:30 p.m.
CVE-2009-3048
opera
linux
solaris
freebsd
remote attack
input type=file
cve-2009-3048
nvd
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
7.3 High
AI Score
Confidence
High
0.005 Low
EPSS
Percentile
77.5%
Opera before 10.00 on Linux, Solaris, and FreeBSD does not properly implement the “INPUT TYPE=file” functionality, which allows remote attackers to trick a user into uploading an unintended file via vectors involving a “dropped file.”
Affected configurations
Node
operaopera_browserRange≤10.00beta3
ORoperaopera_browserMatch1.00
ORoperaopera_browserMatch2.00
ORoperaopera_browserMatch2.10
ORoperaopera_browserMatch2.10beta1
ORoperaopera_browserMatch2.10beta2
ORoperaopera_browserMatch2.10beta3
ORoperaopera_browserMatch2.12
ORoperaopera_browserMatch3.00
ORoperaopera_browserMatch3.00beta
ORoperaopera_browserMatch3.10
ORoperaopera_browserMatch3.21
ORoperaopera_browserMatch3.50
ORoperaopera_browserMatch3.51
ORoperaopera_browserMatch3.60
ORoperaopera_browserMatch3.61
ORoperaopera_browserMatch3.62
ORoperaopera_browserMatch3.62beta
ORoperaopera_browserMatch4.00
ORoperaopera_browserMatch4.00beta2
ORoperaopera_browserMatch4.00beta3
ORoperaopera_browserMatch4.00beta4
ORoperaopera_browserMatch4.00beta5
ORoperaopera_browserMatch4.00beta6
ORoperaopera_browserMatch4.01
ORoperaopera_browserMatch4.02
ORoperaopera_browserMatch5.0
ORoperaopera_browserMatch5.0beta2
ORoperaopera_browserMatch5.0beta3
ORoperaopera_browserMatch5.0beta4
ORoperaopera_browserMatch5.0beta5
ORoperaopera_browserMatch5.0beta6
ORoperaopera_browserMatch5.0beta7
ORoperaopera_browserMatch5.0beta8
ORoperaopera_browserMatch5.02
ORoperaopera_browserMatch5.10
ORoperaopera_browserMatch5.11
ORoperaopera_browserMatch5.12
ORoperaopera_browserMatch6.0
ORoperaopera_browserMatch6.0beta1
ORoperaopera_browserMatch6.0beta2
ORoperaopera_browserMatch6.0tp1
ORoperaopera_browserMatch6.0tp2
ORoperaopera_browserMatch6.0tp3
ORoperaopera_browserMatch6.1
ORoperaopera_browserMatch6.01
ORoperaopera_browserMatch6.1beta1
ORoperaopera_browserMatch6.02
ORoperaopera_browserMatch6.03
ORoperaopera_browserMatch6.04
ORoperaopera_browserMatch6.05
ORoperaopera_browserMatch6.06
ORoperaopera_browserMatch6.11
ORoperaopera_browserMatch6.12
ORoperaopera_browserMatch7.0
ORoperaopera_browserMatch7.0beta1
ORoperaopera_browserMatch7.0beta1_v2
ORoperaopera_browserMatch7.0beta2
ORoperaopera_browserMatch7.01
ORoperaopera_browserMatch7.02
ORoperaopera_browserMatch7.03
ORoperaopera_browserMatch7.10
ORoperaopera_browserMatch7.10beta1
ORoperaopera_browserMatch7.11
ORoperaopera_browserMatch7.11beta2
ORoperaopera_browserMatch7.20
ORoperaopera_browserMatch7.20beta7
ORoperaopera_browserMatch7.21
ORoperaopera_browserMatch7.22
ORoperaopera_browserMatch7.23
ORoperaopera_browserMatch7.50
ORoperaopera_browserMatch7.50beta1
ORoperaopera_browserMatch7.51
ORoperaopera_browserMatch7.52
ORoperaopera_browserMatch7.53
ORoperaopera_browserMatch7.54
ORoperaopera_browserMatch7.54update1
ORoperaopera_browserMatch7.54update2
ORoperaopera_browserMatch7.60
ORoperaopera_browserMatch8.0
ORoperaopera_browserMatch8.0beta1
ORoperaopera_browserMatch8.0beta2
ORoperaopera_browserMatch8.0beta3
ORoperaopera_browserMatch8.01
ORoperaopera_browserMatch8.02
ORoperaopera_browserMatch8.50
ORoperaopera_browserMatch8.51
ORoperaopera_browserMatch8.52
ORoperaopera_browserMatch8.53
ORoperaopera_browserMatch8.54
ORoperaopera_browserMatch9.0
ORoperaopera_browserMatch9.0beta1
ORoperaopera_browserMatch9.0beta2
ORoperaopera_browserMatch9.01
ORoperaopera_browserMatch9.02
ORoperaopera_browserMatch9.10
ORoperaopera_browserMatch9.12
ORoperaopera_browserMatch9.20
ORoperaopera_browserMatch9.20beta1
ORoperaopera_browserMatch9.21
ORoperaopera_browserMatch9.22
ORoperaopera_browserMatch9.23
ORoperaopera_browserMatch9.24
ORoperaopera_browserMatch9.25
ORoperaopera_browserMatch9.26
ORoperaopera_browserMatch9.27
ORoperaopera_browserMatch9.50
ORoperaopera_browserMatch9.50beta1
ORoperaopera_browserMatch9.50beta2
ORoperaopera_browserMatch9.51
ORoperaopera_browserMatch9.52
ORoperaopera_browserMatch9.60
ORoperaopera_browserMatch9.60beta1
ORoperaopera_browserMatch9.61
ORoperaopera_browserMatch9.62
ORoperaopera_browserMatch9.63
ORoperaopera_browserMatch9.64
ORoperaopera_browserMatch10.00alpha
ORoperaopera_browserMatch10.00beta1
ORoperaopera_browserMatch10.00beta2
conectivalinux
ORfreebsdfreebsd
ORsunsolarisx86
Related
cvelist
cvelist
CVE-2009-3048
2009-09-02 17:00:00
nvd
nvd
CVE-2009-3048
2009-09-02 17:30:01
prion
prion
Input validation
2009-09-02 17:30:00
openvas
openvas
Opera Multiple URL Spoofing Vulnerabilities - Sep09 (Linux)
2009-09-07 00:00:00
Opera Multiple URL Spoofing Vulnerabilities (Sep 2009) - Linux
2009-09-07 00:00:00
Gentoo Security Advisory GLSA 201206-03 (Opera)
2012-08-10 00:00:00
nessus
nessus
GLSA-201206-03 : Opera: Multiple vulnerabilities
2012-06-21 00:00:00
gentoo
gentoo
Opera: Multiple vulnerabilities
2012-06-15 00:00:00
4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
7.3 High
AI Score
Confidence
High
0.005 Low
EPSS
Percentile
77.5%
Related for CVE-2009-3048