CVE-2005-0456

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2005-0456
Opera 7.54 and earlier does not properly validate base64 encoded binary data in a data: (RFC 2397) URL, which causes the URL to be obscured in a download dialog, which may allow remote attackers to trick users into executing arbitrary code.

5.0 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:N/C:N/I:P/A:N

Exploitability : 10.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References
Link Resource
http://secunia.com/advisories/13818/ Broken Link Patch
http://www.gentoo.org/security/en/glsa/glsa-200502-17.xml Patch Third Party Advisory Vendor Advisory
http://www.kb.cert.org/vuls/id/882926 Third Party Advisory US Government Resource
http://www.novell.com/linux/security/advisories/2005_31_opera.html Broken Link
http://www.opera.com/linux/changelogs/754u2/ Broken Link Patch Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/18867 Third Party Advisory VDB Entry
http://secunia.com/advisories/13818/ Broken Link Patch
http://www.gentoo.org/security/en/glsa/glsa-200502-17.xml Patch Third Party Advisory Vendor Advisory
http://www.kb.cert.org/vuls/id/882926 Third Party Advisory US Government Resource
http://www.novell.com/linux/security/advisories/2005_31_opera.html Broken Link
http://www.opera.com/linux/changelogs/754u2/ Broken Link Patch Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/18867 Third Party Advisory VDB Entry
Configurations

Configuration 1 (hide)

cpe:2.3:a:opera:opera_browser:*:*:*:*:*:*:*:*
History

20 Nov 2024, 23:55

Type Values Removed Values Added
References () http://secunia.com/advisories/13818/ - Broken Link, Patch () http://secunia.com/advisories/13818/ - Broken Link, Patch
References () http://www.gentoo.org/security/en/glsa/glsa-200502-17.xml - Patch, Third Party Advisory, Vendor Advisory () http://www.gentoo.org/security/en/glsa/glsa-200502-17.xml - Patch, Third Party Advisory, Vendor Advisory
References () http://www.kb.cert.org/vuls/id/882926 - Third Party Advisory, US Government Resource () http://www.kb.cert.org/vuls/id/882926 - Third Party Advisory, US Government Resource
References () http://www.novell.com/linux/security/advisories/2005_31_opera.html - Broken Link () http://www.novell.com/linux/security/advisories/2005_31_opera.html - Broken Link
References () http://www.opera.com/linux/changelogs/754u2/ - Broken Link, Patch, Vendor Advisory () http://www.opera.com/linux/changelogs/754u2/ - Broken Link, Patch, Vendor Advisory
References () https://exchange.xforce.ibmcloud.com/vulnerabilities/18867 - Third Party Advisory, VDB Entry () https://exchange.xforce.ibmcloud.com/vulnerabilities/18867 - Third Party Advisory, VDB Entry

28 Feb 2022, 17:41

Type Values Removed Values Added
CWE NVD-CWE-Other NVD-CWE-noinfo
CPE cpe:2.3:a:opera_software:opera_web_browser:7.0_beta2:*:win32:*:*:*:*:*
cpe:2.3:a:opera_software:opera_web_browser:6.0.3:*:win32:*:*:*:*:*
cpe:2.3:a:opera_software:opera_web_browser:6.0.2:*:win32:*:*:*:*:*
cpe:2.3:a:opera_software:opera_web_browser:6.10:*:linux:*:*:*:*:*
cpe:2.3:a:opera_software:opera_web_browser:7.0.1:*:win32:*:*:*:*:*
cpe:2.3:a:opera_software:opera_web_browser:7.51:*:*:*:*:*:*:*
cpe:2.3:a:opera_software:opera_web_browser:6.0.2:*:linux:*:*:*:*:*
cpe:2.3:a:opera_software:opera_web_browser:6.0.6:*:win32:*:*:*:*:*
cpe:2.3:a:opera_software:opera_web_browser:7.20:*:*:*:*:*:*:*
cpe:2.3:a:opera_software:opera_web_browser:6.0:*:win32:*:*:*:*:*
cpe:2.3:a:opera_software:opera_web_browser:7.20_beta1_build2981:*:*:*:*:*:*:*
cpe:2.3:a:opera_software:opera_web_browser:7.23:*:*:*:*:*:*:*
cpe:2.3:a:opera_software:opera_web_browser:6.0.1:*:*:*:*:*:*:*
cpe:2.3:a:opera_software:opera_web_browser:6.0.1:*:linux:*:*:*:*:*
cpe:2.3:a:opera_software:opera_web_browser:7.11:*:*:*:*:*:*:*
cpe:2.3:a:opera_software:opera_web_browser:7.21:*:*:*:*:*:*:*
cpe:2.3:a:opera_software:opera_web_browser:6.0:*:*:*:*:*:*:*
cpe:2.3:a:opera_software:opera_web_browser:7.22:*:*:*:*:*:*:*
cpe:2.3:a:opera_software:opera_web_browser:7.10:*:*:*:*:*:*:*
cpe:2.3:a:opera_software:opera_web_browser:6.0.6:*:*:*:*:*:*:*
cpe:2.3:a:opera_software:opera_web_browser:6.0.3:*:linux:*:*:*:*:*
cpe:2.3:a:opera_software:opera_web_browser:5.1.1:*:win32:*:*:*:*:*
cpe:2.3:a:opera_software:opera_web_browser:7.0.3:*:win32:*:*:*:*:*
cpe:2.3:a:opera_software:opera_web_browser:5.12:*:*:*:*:*:*:*
cpe:2.3:a:opera_software:opera_web_browser:5.0.2:*:win32:*:*:*:*:*
cpe:2.3:a:opera_software:opera_web_browser:5.1.0:*:win32:*:*:*:*:*
cpe:2.3:a:opera_software:opera_web_browser:7.11b:*:*:*:*:*:*:*
cpe:2.3:a:opera_software:opera_web_browser:7.52:*:*:*:*:*:*:*
cpe:2.3:a:opera_software:opera_web_browser:6.0.1:*:win32:*:*:*:*:*
cpe:2.3:a:opera_software:opera_web_browser:7.0.2:*:win32:*:*:*:*:*
cpe:2.3:a:opera_software:opera_web_browser:7.53:*:*:*:*:*:*:*
cpe:2.3:a:opera_software:opera_web_browser:5.0:*:linux:*:*:*:*:*
cpe:2.3:a:opera_software:opera_web_browser:9.10:*:*:*:*:*:*:*
cpe:2.3:a:opera_software:opera_web_browser:7.54:*:*:*:*:*:*:*
cpe:2.3:a:opera_software:opera_web_browser:5.0:*:mac:*:*:*:*:*
cpe:2.3:a:opera_software:opera_web_browser:7.0_beta1:*:win32:*:*:*:*:*
cpe:2.3:a:opera_software:opera_web_browser:7.50:*:*:*:*:*:*:*
cpe:2.3:a:opera_software:opera_web_browser:7.0:*:win32:*:*:*:*:*
cpe:2.3:a:opera_software:opera_web_browser:6.0.4:*:win32:*:*:*:*:*
cpe:2.3:a:opera_software:opera_web_browser:5.12:*:win32:*:*:*:*:*
cpe:2.3:a:opera_software:opera_web_browser:7.11j:*:*:*:*:*:*:*
cpe:2.3:a:opera_software:opera_web_browser:6.0.5:*:win32:*:*:*:*:*		 cpe:2.3:a:opera:opera_browser:*:*:*:*:*:*:*:*
References (SECUNIA) http://secunia.com/advisories/13818/ - Patch, Vendor Advisory (SECUNIA) http://secunia.com/advisories/13818/ - Broken Link, Patch
References (CONFIRM) http://www.opera.com/linux/changelogs/754u2/ - Patch, Vendor Advisory (CONFIRM) http://www.opera.com/linux/changelogs/754u2/ - Broken Link, Patch, Vendor Advisory
References (SUSE) http://www.novell.com/linux/security/advisories/2005_31_opera.html - (SUSE) http://www.novell.com/linux/security/advisories/2005_31_opera.html - Broken Link
References (XF) https://exchange.xforce.ibmcloud.com/vulnerabilities/18867 - (XF) https://exchange.xforce.ibmcloud.com/vulnerabilities/18867 - Third Party Advisory, VDB Entry
References (GENTOO) http://www.gentoo.org/security/en/glsa/glsa-200502-17.xml - Patch, Vendor Advisory (GENTOO) http://www.gentoo.org/security/en/glsa/glsa-200502-17.xml - Patch, Third Party Advisory, Vendor Advisory
Information

Published : 2005-01-12 05:00

Updated : 2024-11-20 23:55

NVD link : CVE-2005-0456

Mitre link : CVE-2005-0456

CVE.ORG link : CVE-2005-0456

JSON object : View

Products Affected

opera

  • opera_browser
CWE
NVD-CWE-noinfo