CVE-2014-0815

Opera Browser < 18 - Unauthenticated Exposure of Sensitive Information via Intent URL

Title source: llm

Description

The intent: URL implementation in Opera before 18 on Android allows attackers to read local files by leveraging an interaction error, as demonstrated by reading stored cookies.

References (5)

Core 5

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_xf

https://exchange.xforce.ibmcloud.com/vulnerabilities/91090

Third Party Advisory third-party-advisory x_refsource_jvndb

http://jvndb.jvn.jp/jvndb/JVNDB-2014-000014

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/65391

Vendor Advisory x_refsource_confirm

http://blogs.opera.com/security/2014/01/security-changes-features-opera-19/

Third Party Advisory third-party-advisory x_refsource_jvn

http://jvn.jp/en/jp/JVN23256725/index.html

Scores

EPSS 0.0037

EPSS Percentile 59.3%

Details

CWE

CWE-200

Status published

Products (32)

opera/opera_browser 1.00

opera/opera_browser 10.00 (5 CPE variants)

opera/opera_browser 10.01

opera/opera_browser 10.10 (2 CPE variants)

opera/opera_browser 10.11

opera/opera_browser 10.20 alpha

opera/opera_browser 10.50 (3 CPE variants)

opera/opera_browser 10.51

opera/opera_browser 10.52 (3 CPE variants)

opera/opera_browser 10.53 (3 CPE variants)

... and 22 more

Published Feb 06, 2014

Tracked Since Feb 18, 2026