Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
saintSAINT CorporationSAINT:4F04726A0864BD57F03DDC7BE17CB4EA
HistoryJan 13, 2009 - 12:00 a.m.

Opera file URI buffer overflow

2009-01-1300:00:00
SAINT Corporation
download.saintcorporation.com
18

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

EPSS

0.473

Percentile

97.5%

JSON

Added: 01/13/2009
CVE: CVE-2008-5178
BID: 32323
OSVDB: 49882

Background

Opera is a web browser which is available for multiple platforms.

Problem

A buffer overflow vulnerability allows command execution when a user opens a long, specially crafted file:// URI.

Resolution

Upgrade to Opera 9.63 or higher.

References

<http://secunia.com/advisories/34294&gt;

Limitations

Exploit works on Opera 9.62 and requires a user to load the exploit page in Opera.

Due to the nature of the vulnerability, the success of the exploit may depend on the target’s memory state.

Platforms

Windows XP

Related

saint 3
openvas 6
freebsd 1
d2 1
checkpoint_advisories 1
nessus 3
nvd 2
prion 2
exploitdb 1
cvelist 2
cve 2
gentoo 1
saint
saint
Opera file URI buffer overflow
2009-01-13 00:00:00
Opera file URI buffer overflow
2009-01-13 00:00:00
Opera file URI buffer overflow
2009-01-13 00:00:00
openvas
openvas
FreeBSD Ports: opera, linux-opera
2008-12-23 00:00:00
Opera Web Browser Heap Based Buffer Overflow Vulnerability - Windows
2008-11-21 00:00:00
Opera Web Browser Heap Based Buffer Overflow Vulnerability (Windows)
2008-11-21 00:00:00
freebsd
freebsd
opera -- multiple vulnerabilities
2008-11-18 00:00:00
d2
d2
DSquare Exploit Pack: D2SEC_OPERAHEAP
2008-11-20 15:30:00
checkpoint_advisories
checkpoint_advisories
Opera Browser file URI Handling Buffer Overflow (CVE-2008-5178)
2009-12-28 00:00:00
nessus
nessus
FreeBSD : opera -- multiple vulnerabilities (225bc349-ce10-11dd-a721-0030843d3802)
2008-12-21 00:00:00
Opera < 9.63 Multiple Vulnerabilities
2008-12-16 00:00:00
GLSA-200903-30 : Opera: Multiple vulnerabilities
2009-03-17 00:00:00
nvd
nvd
CVE-2008-5178
2008-11-20 15:30:00
CVE-2008-5680
2008-12-19 16:30:00
prion
prion
Buffer overflow
2008-12-19 16:30:00
Heap overflow
2008-11-20 15:30:00
exploitdb
exploitdb
Opera 9.62 - &#039;file://&#039; Local Heap Overflow
2008-11-17 00:00:00
cvelist
cvelist
CVE-2008-5680
2008-12-19 16:09:00
CVE-2008-5178
2008-11-20 15:00:00
cve
cve
CVE-2008-5178
2008-11-20 15:30:00
CVE-2008-5680
2008-12-19 16:30:00
gentoo
gentoo
Opera: Multiple vulnerabilities
2009-03-16 00:00:00

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

EPSS

0.473

Percentile

97.5%

JSON
Related for SAINT:4F04726A0864BD57F03DDC7BE17CB4EA
saint3openvas6freebsd1d21checkpoint_advisories1nessus3nvd2prion2exploitdb1cvelist2cve2gentoo1