Code Execution Vulnerability in Opera Browser by Opera Software
CVE-2008-4197

8.8HIGH

Key Information:

Vendor
Opera
Status
Opera Browser
Vendor
CVE Published:
27 September 2008

Summary

The vulnerability occurs in the Opera browser on Windows, Linux, FreeBSD, and Solaris platforms. It involves the processing of custom shortcut and menu commands that can lead to the creation of argument strings containing uninitialized memory. This flaw could enable user-assisted remote attackers to execute arbitrary code or perform other malicious actions through specific interactions with shortcut activation.

References

http://www.vupen.com/english/advisories/2008/2416
vdb-entryx_refsource_VUPEN
http://secunia.com/advisories/32538
third-party-advisoryx_refsource_SECUNIA
https://exchange.xforce.ibmcloud.com/vulnerabilities/44552
vdb-entryx_refsource_XF

EPSS Score

5% chance of being exploited in the next 30 days.

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.