Executive Summary
Informations | |||
---|---|---|---|
Name | CVE-2004-1489 | First vendor Publication | 2004-12-31 |
Vendor | Cve | Last vendor Modification | 2022-02-28 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:H/Au:N/C:P/I:N/A:N) | |||
---|---|---|---|
Cvss Base Score | 2.6 | Attack Range | Network |
Cvss Impact Score | 2.9 | Attack Complexity | High |
Cvss Expoit Score | 4.9 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Opera 7.54 and earlier does not properly limit an applet's access to internal Java packages from Sun, which allows remote attackers to gain sensitive information, such as user names and the installation directory. |
Original Source
Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-1489 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-668 | Exposure of Resource to Wrong Sphere |
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2008-09-24 | Name : Gentoo Security Advisory GLSA 200502-17 (Opera) File : nvt/glsa_200502_17.nasl |
2008-09-04 | Name : FreeBSD Ports: opera, opera-devel, linux-opera File : nvt/freebsd_opera1.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
12007 | Opera sun.security.krb5.Credentials Java Class User Name Disclosure Opera contains a flaw that may lead to an unauthorized information disclosure. The issue trigger when an attacker uses the sun.security.krb5.Credentials class to retrieve the name of the currently logged in user and parse the home directory from the information which is provided by the thrown java.security.AccessControlException, resulting in a loss of confidentiality. |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2005-02-15 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200502-17.nasl - Type : ACT_GATHER_INFO |
Sources (Detail)
Alert History
Date | Informations |
---|---|
2022-03-02 01:01:53 |
|
2022-02-28 21:23:21 |
|
2021-05-04 12:02:31 |
|
2021-04-22 01:02:43 |
|
2020-05-23 00:16:01 |
|
2014-02-17 10:28:53 |
|
2013-05-11 11:45:14 |
|