Lucene search

Japan Vulnerability NotesJVN:33880169

HistoryFeb 02, 2011 - 12:00 a.m.

JVN#33880169: Opera may insecurely load executable files

2011-02-0200:00:00

Japan Vulnerability Notes

jvn.jp

7.6 High

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

0.049 Low

EPSS

Percentile

92.7%

JSON

Opera loads certain executables (.exe) when opening the folder where downloaded contents are stored. Opera contains an issue with the file search path, which may insecurely load executables.

Impact

An attacker may execute arbitrary code with the privilege of running the application.

Solution

Update the Software
Update to the latest version according to the information provided by the developer.

This issue has been resolved in Opera 11.01.

Products Affected

Opera prior to 11.01

7.6 High

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

0.049 Low

EPSS

Percentile

92.7%

JSON

Related for JVN:33880169