CVE-2008-4199
CVE-2008-4199
Opera before 9.52 does not prevent use of links from web pages to feed source files on the local disk, which might allow remote attackers to determine the validity of local filenames via vectors involving "detection of JavaScript events and appropriate manipulation."
Produtos afetados
n/a · n/aQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
http://bugs.gentoo.org/show_bug.cgi?id=235298http://secunia.com/advisories/31549http://secunia.com/advisories/32538http://security.gentoo.org/glsa/glsa-200811-01.xmlhttp://securitytracker.com/id?1020722https://exchange.xforce.ibmcloud.com/vulnerabilities/44557http://www.openwall.com/lists/oss-security/2008/09/19/2http://www.openwall.com/lists/oss-security/2008/09/24/4http://www.opera.com/docs/changelogs/freebsd/952/http://www.opera.com/docs/changelogs/linux/952/http://www.opera.com/docs/changelogs/mac/952/http://www.opera.com/docs/changelogs/solaris/952/