CVE-2008-4197

8.8HIGH

Key Information:

Vendor: Opera
Status: Opera Browser
Vendor: CVE Published:; 27 September 2008

Summary

Opera before 9.52 on Windows, Linux, FreeBSD, and Solaris, when processing custom shortcut and menu commands, can produce argument strings that contain uninitialized memory, which might allow user-assisted remote attackers to execute arbitrary code or conduct other attacks via vectors related to activation of a shortcut.

References

http://www.vupen.com/english/advisories/2008/2416

vdb-entryx_refsource_VUPEN

http://secunia.com/advisories/32538

third-party-advisoryx_refsource_SECUNIA

https://exchange.xforce.ibmcloud.com/vulnerabilities/44552

vdb-entryx_refsource_XF

EPSS Score

13% chance of being exploited in the next 30 days.

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Sep 27, 2008
Vulnerability Reserved
Sep 23, 2008

.