CVE-2004-1489
Opera < 7.54 - Unauthenticated Exposure of Sensitive Information via Java Applet
Title source: llmDescription
Opera 7.54 and earlier does not properly limit an applet's access to internal Java packages from Sun, which allows remote attackers to gain sensitive information, such as user names and the installation directory.
References (3)
Core 3
Core References
Broken Link x_refsource_confirm
http://www.opera.com/linux/changelogs/754u1/
Exploit mailing-list
x_refsource_fulldisc
http://lists.grok.org.uk/pipermail/full-disclosure/2004-November/029044.html
Patch, Third Party Advisory vendor-advisory
x_refsource_gentoo
http://www.gentoo.org/security/en/glsa/glsa-200502-17.xml
Scores
EPSS
0.0041
EPSS Percentile
61.4%
Details
CWE
CWE-668
Status
published
Products (1)
opera/opera_browser
< 7.54
Published
Dec 31, 2004
Tracked Since
Feb 18, 2026