Lucene search
HistoryJul 08, 2010 - 12:54 p.m.
CVE-2010-2666
cve-2010-2666
opera
windows
mac os x
widget
filesystem
directory selection
remote code execution
nvd
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
7.5 High
AI Score
Confidence
Low
0.1 Low
EPSS
Percentile
94.9%
Opera before 10.54 on Windows and Mac OS X does not properly enforce permission requirements for widget filesystem access and directory selection, which allows user-assisted remote attackers to create or modify arbitrary files, and consequently execute arbitrary code, via widget File I/O operations.
Affected configurations
Node
operaopera_browserRange≤10.53
ORoperaopera_browserMatch5.0
ORoperaopera_browserMatch5.0beta2
ORoperaopera_browserMatch5.0beta3
ORoperaopera_browserMatch5.0beta4
ORoperaopera_browserMatch5.0beta5
ORoperaopera_browserMatch5.0beta6
ORoperaopera_browserMatch5.0beta7
ORoperaopera_browserMatch5.0beta8
ORoperaopera_browserMatch5.02
ORoperaopera_browserMatch5.10
ORoperaopera_browserMatch5.11
ORoperaopera_browserMatch5.12
ORoperaopera_browserMatch6.0
ORoperaopera_browserMatch6.0beta1
ORoperaopera_browserMatch6.0beta2
ORoperaopera_browserMatch6.0tp1
ORoperaopera_browserMatch6.0tp2
ORoperaopera_browserMatch6.0tp3
ORoperaopera_browserMatch6.01
ORoperaopera_browserMatch6.02
ORoperaopera_browserMatch6.03
ORoperaopera_browserMatch6.04
ORoperaopera_browserMatch6.05
ORoperaopera_browserMatch6.06
ORoperaopera_browserMatch7.0
ORoperaopera_browserMatch7.0beta1
ORoperaopera_browserMatch7.0beta1_v2
ORoperaopera_browserMatch7.0beta2
ORoperaopera_browserMatch7.01
ORoperaopera_browserMatch7.02
ORoperaopera_browserMatch7.03
ORoperaopera_browserMatch7.10
ORoperaopera_browserMatch7.10beta1
ORoperaopera_browserMatch7.11
ORoperaopera_browserMatch7.11beta2
ORoperaopera_browserMatch7.20
ORoperaopera_browserMatch7.20beta7
ORoperaopera_browserMatch7.21
ORoperaopera_browserMatch7.22
ORoperaopera_browserMatch7.23
ORoperaopera_browserMatch7.50
ORoperaopera_browserMatch7.50beta1
ORoperaopera_browserMatch7.51
ORoperaopera_browserMatch7.52
ORoperaopera_browserMatch7.53
ORoperaopera_browserMatch7.54
ORoperaopera_browserMatch7.54update1
ORoperaopera_browserMatch7.54update2
ORoperaopera_browserMatch7.60
ORoperaopera_browserMatch8.0
ORoperaopera_browserMatch8.0beta1
ORoperaopera_browserMatch8.0beta2
ORoperaopera_browserMatch8.0beta3
ORoperaopera_browserMatch8.01
ORoperaopera_browserMatch8.02
ORoperaopera_browserMatch8.50
ORoperaopera_browserMatch8.51
ORoperaopera_browserMatch8.52
ORoperaopera_browserMatch8.53
ORoperaopera_browserMatch8.54
ORoperaopera_browserMatch9.0
ORoperaopera_browserMatch9.0beta1
ORoperaopera_browserMatch9.0beta2
ORoperaopera_browserMatch9.01
ORoperaopera_browserMatch9.02
ORoperaopera_browserMatch9.10
ORoperaopera_browserMatch9.12
ORoperaopera_browserMatch9.20
ORoperaopera_browserMatch9.20beta1
ORoperaopera_browserMatch9.21
ORoperaopera_browserMatch9.22
ORoperaopera_browserMatch9.23
ORoperaopera_browserMatch9.24
ORoperaopera_browserMatch9.25
ORoperaopera_browserMatch9.26
ORoperaopera_browserMatch9.27
ORoperaopera_browserMatch9.50
ORoperaopera_browserMatch9.50beta1
ORoperaopera_browserMatch9.50beta2
ORoperaopera_browserMatch9.51
ORoperaopera_browserMatch9.52
ORoperaopera_browserMatch9.60
ORoperaopera_browserMatch9.60beta1
ORoperaopera_browserMatch9.61
ORoperaopera_browserMatch9.62
ORoperaopera_browserMatch9.63
ORoperaopera_browserMatch9.64
ORoperaopera_browserMatch10.00
ORoperaopera_browserMatch10.00beta1
ORoperaopera_browserMatch10.00beta2
ORoperaopera_browserMatch10.00beta3
ORoperaopera_browserMatch10.01
ORoperaopera_browserMatch10.10
ORoperaopera_browserMatch10.10beta1
ORoperaopera_browserMatch10.50
ORoperaopera_browserMatch10.50beta1
ORoperaopera_browserMatch10.51
ORoperaopera_browserMatch10.52
microsoftwindows
Node
operaopera_browserRange≤10.53
ORoperaopera_browserMatch6.0
ORoperaopera_browserMatch6.0beta1
ORoperaopera_browserMatch6.0beta2
ORoperaopera_browserMatch6.0beta3
ORoperaopera_browserMatch6.02
ORoperaopera_browserMatch6.03
ORoperaopera_browserMatch7.50
ORoperaopera_browserMatch7.50beta1
ORoperaopera_browserMatch7.51
ORoperaopera_browserMatch7.52
ORoperaopera_browserMatch7.53
ORoperaopera_browserMatch7.54
ORoperaopera_browserMatch7.54update1
ORoperaopera_browserMatch7.54update2
ORoperaopera_browserMatch8.0beta1
ORoperaopera_browserMatch8.01
ORoperaopera_browserMatch8.02
ORoperaopera_browserMatch8.50
ORoperaopera_browserMatch8.51
ORoperaopera_browserMatch8.52
ORoperaopera_browserMatch8.54
ORoperaopera_browserMatch9.0
ORoperaopera_browserMatch9.0beta1
ORoperaopera_browserMatch9.0beta2
ORoperaopera_browserMatch9.01
ORoperaopera_browserMatch9.02
ORoperaopera_browserMatch9.10
ORoperaopera_browserMatch9.20
ORoperaopera_browserMatch9.20beta1
ORoperaopera_browserMatch9.21
ORoperaopera_browserMatch9.22
ORoperaopera_browserMatch9.23
ORoperaopera_browserMatch9.24
ORoperaopera_browserMatch9.25
ORoperaopera_browserMatch9.26
ORoperaopera_browserMatch9.27
ORoperaopera_browserMatch9.50
ORoperaopera_browserMatch9.50beta1
ORoperaopera_browserMatch9.50beta2
ORoperaopera_browserMatch9.51
ORoperaopera_browserMatch9.52
ORoperaopera_browserMatch9.60
ORoperaopera_browserMatch9.60beta1
ORoperaopera_browserMatch9.61
ORoperaopera_browserMatch9.62
ORoperaopera_browserMatch9.63
ORoperaopera_browserMatch9.64
ORoperaopera_browserMatch10.00
ORoperaopera_browserMatch10.00beta1
ORoperaopera_browserMatch10.00beta2
ORoperaopera_browserMatch10.00beta3
ORoperaopera_browserMatch10.01
ORoperaopera_browserMatch10.10
ORoperaopera_browserMatch10.10beta1
ORoperaopera_browserMatch10.50beta1
ORoperaopera_browserMatch10.52
ORoperaopera_browserMatch10.52beta1
ORoperaopera_browserMatch10.52beta2
applemac_os_x
References
secunia.com/advisories/40250
www.opera.com/docs/changelogs/mac/1054/
www.opera.com/docs/changelogs/windows/1054/
www.opera.com/support/kb/view/962/
www.securityfocus.com/bid/40973
www.vupen.com/english/advisories/2010/1529
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11950
Related
nvd
nvd
CVE-2010-2666
2010-07-08 12:54:47
prion
prion
Directory traversal
2010-07-08 12:54:00
cvelist
cvelist
CVE-2010-2666
2010-07-07 18:00:00
openvas
openvas
Opera Browser Multiple Vulnerabilities july-10 (Win02)
2010-07-16 00:00:00
Opera Browser < 10.54 Multiple Vulnerabilities (Jul 2010) - Windows
2010-07-16 00:00:00
nessus
nessus
Opera < 10.54 Multiple Vulnerabilities
2010-06-22 00:00:00
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
7.5 High
AI Score
Confidence
Low
0.1 Low
EPSS
Percentile
94.9%
Related for CVE-2010-2666