CVE-2014-0815

Opera Browser < 17.00 - Information Disclosure

Title source: rule

Description

The intent: URL implementation in Opera before 18 on Android allows attackers to read local files by leveraging an interaction error, as demonstrated by reading stored cookies.

References (5)

[Vendor Advisory] http://blogs.opera.com/security/2014/01/security-changes-features-opera-19/

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/91090

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/65391

[Third Party Advisory] http://jvn.jp/en/jp/JVN23256725/index.html

[Third Party Advisory] http://jvndb.jvn.jp/jvndb/JVNDB-2014-000014

Scores

EPSS 0.0037

EPSS Percentile 58.7%

Classification

CWE

CWE-200

Status draft

Affected Products (50)

opera/opera_browser < 17.00

opera/opera_browser

... and 35 more

Timeline

Published Feb 06, 2014

Tracked Since Feb 18, 2026