Lucene search
HistoryOct 30, 2008 - 8:56 p.m.
CVE-2008-4795
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.4
Confidence
High
EPSS
0.19
Percentile
96.3%
The links panel in Opera before 9.62 processes Javascript within the context of the โoutermost pageโ of a frame, which allows remote attackers to inject arbitrary web script or HTML via cross-site scripting (XSS) attacks.
Affected configurations
Node
operaoperaRangeโค9.61
ORoperaoperaMatch5..10
ORoperaoperaMatch5.0
ORoperaoperaMatch5.1
ORoperaoperaMatch5.2
ORoperaoperaMatch5.3
ORoperaoperaMatch5.4
ORoperaoperaMatch5.5
ORoperaoperaMatch5.6
ORoperaoperaMatch5.7
ORoperaoperaMatch5.8
ORoperaoperaMatch5.9
ORoperaoperaMatch5.11
ORoperaoperaMatch5.12
ORoperaoperaMatch6beta_1
ORoperaoperaMatch6.0
ORoperaoperaMatch6.01
ORoperaoperaMatch6.02
ORoperaoperaMatch6.03
ORoperaoperaMatch6.04
ORoperaoperaMatch6.05
ORoperaoperaMatch6.06
ORoperaoperaMatch7beta_1
ORoperaoperaMatch7beta_1.2
ORoperaoperaMatch7.0
ORoperaoperaMatch7.0beta_2
ORoperaoperaMatch7.01
ORoperaoperaMatch7.02
ORoperaoperaMatch7.03
ORoperaoperaMatch7.10
ORoperaoperaMatch7.11
ORoperaoperaMatch7.20
ORoperaoperaMatch7.20beta7
ORoperaoperaMatch7.21
ORoperaoperaMatch7.22
ORoperaoperaMatch7.23
ORoperaoperaMatch7.50
ORoperaoperaMatch7.50beta_1
ORoperaoperaMatch7.51
ORoperaoperaMatch7.52
ORoperaoperaMatch7.53
ORoperaoperaMatch7.54
ORoperaoperaMatch7.54update_1
ORoperaoperaMatch7.54update_2
ORoperaoperaMatch8.0
ORoperaoperaMatch8.0beta_1
ORoperaoperaMatch8.0beta_2
ORoperaoperaMatch8.0beta_3
ORoperaoperaMatch8.01
ORoperaoperaMatch8.02
ORoperaoperaMatch8.50
ORoperaoperaMatch8.51
ORoperaoperaMatch8.52
ORoperaoperaMatch8.53
ORoperaoperaMatch8.54
ORoperaoperaMatch9.0
ORoperaoperaMatch9.0beta_1
ORoperaoperaMatch9.0beta_2
ORoperaoperaMatch9.01
ORoperaoperaMatch9.02
ORoperaoperaMatch9.10
ORoperaoperaMatch9.20
ORoperaoperaMatch9.20beta_1
ORoperaoperaMatch9.21
ORoperaoperaMatch9.22
ORoperaoperaMatch9.23
ORoperaoperaMatch9.24
ORoperaoperaMatch9.25
ORoperaoperaMatch9.26
ORoperaoperaMatch9.27
ORoperaoperaMatch9.50
ORoperaoperaMatch9.50beta_2
ORoperaoperaMatch9.51
| Vendor | Product | Version | CPE |
|---|---|---|---|
| opera | opera | * | cpe:2.3:a:opera:opera:*:*:*:*:*:*:*:* |
| opera | opera | 5..10 | cpe:2.3:a:opera:opera:5..10:*:*:*:*:*:*:* |
| opera | opera | 5.0 | cpe:2.3:a:opera:opera:5.0:*:*:*:*:*:*:* |
| opera | opera | 5.1 | cpe:2.3:a:opera:opera:5.1:*:*:*:*:*:*:* |
| opera | opera | 5.2 | cpe:2.3:a:opera:opera:5.2:*:*:*:*:*:*:* |
| opera | opera | 5.3 | cpe:2.3:a:opera:opera:5.3:*:*:*:*:*:*:* |
| opera | opera | 5.4 | cpe:2.3:a:opera:opera:5.4:*:*:*:*:*:*:* |
| opera | opera | 5.5 | cpe:2.3:a:opera:opera:5.5:*:*:*:*:*:*:* |
| opera | opera | 5.6 | cpe:2.3:a:opera:opera:5.6:*:*:*:*:*:*:* |
| opera | opera | 5.7 | cpe:2.3:a:opera:opera:5.7:*:*:*:*:*:*:* |
References
Related
prion
prion
Cross site scripting
2008-10-30 20:56:00
cvelist
cvelist
CVE-2008-4795
2008-10-30 20:49:00
cve
cve
CVE-2008-4795
2008-10-30 20:56:54
exploitdb
exploitdb
Opera Web Browser 9.x - History Search and Links Panel Cross-Site Scripting
2008-10-30 00:00:00
ubuntucve
ubuntucve
CVE-2008-4795
2008-10-30 00:00:00
openvas
openvas
Opera Web Browser Command Execution and XSS Vulnerabilities (Windows)
2008-10-31 00:00:00
Opera Web Browser Command Execution and XSS Vulnerabilities - Windows
2008-10-31 00:00:00
Opera Web Browser Command Execution and XSS Vulnerabilities (Linux)
2008-10-31 00:00:00
nessus
nessus
Opera < 9.62 Multiple Vulnerabilities
2008-10-31 00:00:00
GLSA-200811-01 : Opera: Multiple vulnerabilities
2008-11-04 00:00:00
seebug
seebug
Opera Webๆต่งๅจๅๅฒๆ็ดขๅ้พๆฅ้ขๆฟ่ทจ็ซ่ๆฌๆผๆด
2008-10-31 00:00:00
gentoo
gentoo
Opera: Multiple vulnerabilities
2008-11-03 00:00:00
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.4
Confidence
High
EPSS
0.19
Percentile
96.3%
Related for NVD:CVE-2008-4795