CVE-2008-4199
CVE-2008-4199
Opera before 9.52 does not prevent use of links from web pages to feed source files on the local disk, which might allow remote attackers to determine the validity of local filenames via vectors involving "detection of JavaScript events and appropriate manipulation."
Affected products
n/a · n/aWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://bugs.gentoo.org/show_bug.cgi?id=235298http://secunia.com/advisories/31549http://secunia.com/advisories/32538http://security.gentoo.org/glsa/glsa-200811-01.xmlhttp://securitytracker.com/id?1020722https://exchange.xforce.ibmcloud.com/vulnerabilities/44557http://www.openwall.com/lists/oss-security/2008/09/19/2http://www.openwall.com/lists/oss-security/2008/09/24/4http://www.opera.com/docs/changelogs/freebsd/952/http://www.opera.com/docs/changelogs/linux/952/http://www.opera.com/docs/changelogs/mac/952/http://www.opera.com/docs/changelogs/solaris/952/