Lucene search
HistoryFeb 17, 2005 - 5:00 a.m.
CVE-2004-1491
cve-2004-1491
opera 7.54
kfmclient exec
arbitrary code execution
nvd
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
7.5 High
AI Score
Confidence
Low
0.045 Low
EPSS
Percentile
92.5%
Opera 7.54 and earlier uses kfmclient exec to handle unknown MIME types, which allows remote attackers to execute arbitrary code via a shortcut or launcher that contains an Exec entry.
Affected configurations
Node
operaopera_browserRange≤7.54
Node
gentoolinux
ORkdekdeMatch3.2.3
ORsusesuse_linuxMatch1.0
ORsusesuse_linuxMatch2.0
ORsusesuse_linuxMatch3.0
ORsusesuse_linuxMatch4.0
ORsusesuse_linuxMatch4.2
ORsusesuse_linuxMatch4.3
ORsusesuse_linuxMatch4.4
ORsusesuse_linuxMatch4.4.1
ORsusesuse_linuxMatch5.0
ORsusesuse_linuxMatch5.1
ORsusesuse_linuxMatch5.2
ORsusesuse_linuxMatch5.3
ORsusesuse_linuxMatch6.0
ORsusesuse_linuxMatch6.1
ORsusesuse_linuxMatch6.1alpha
ORsusesuse_linuxMatch6.2
ORsusesuse_linuxMatch6.3
ORsusesuse_linuxMatch6.3alpha
ORsusesuse_linuxMatch6.4
ORsusesuse_linuxMatch6.4alpha
ORsusesuse_linuxMatch7.0
ORsusesuse_linuxMatch7.0alpha
ORsusesuse_linuxMatch7.1
ORsusesuse_linuxMatch7.1alpha
ORsusesuse_linuxMatch7.2
ORsusesuse_linuxMatch7.3
ORsusesuse_linuxMatch8.0
ORsusesuse_linuxMatch8.1
ORsusesuse_linuxMatch8.2
ORsusesuse_linuxMatch9.0
ORsusesuse_linuxMatch9.1
ORsusesuse_linuxMatch9.2
| CPE | Name | Operator | Version |
|---|---|---|---|
| opera:opera_browser | opera opera browser | le | 7.54 |
References
Related
freebsd
freebsd
opera -- kfmclient exec command execution vulnerability
2004-12-12 00:00:00
nessus
nessus
FreeBSD : opera -- kfmclient exec command execution vulnerability (d8e55d65-81d6-11d9-a9e7-0001020eed82)
2005-07-13 00:00:00
GLSA-200502-17 : Opera: Multiple vulnerabilities
2005-02-15 00:00:00
nvd
nvd
CVE-2004-1491
2004-12-31 05:00:00
cvelist
cvelist
CVE-2004-1491
2005-02-17 05:00:00
openvas
openvas
FreeBSD Ports: opera, opera-devel, linux-opera
2008-09-04 00:00:00
FreeBSD Ports: opera, opera-devel, linux-opera
2008-09-04 00:00:00
Gentoo Security Advisory GLSA 200502-17 (Opera)
2008-09-24 00:00:00
gentoo
gentoo
Opera: Multiple vulnerabilities
2005-02-14 00:00:00
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
7.5 High
AI Score
Confidence
Low
0.045 Low
EPSS
Percentile
92.5%
Related for CVE-2004-1491