FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

opera -- kfmclient exec command execution vulnerability

Affected packages
linux-opera < 7.54.20050131
opera < 7.54.20050131
opera-devel < 7.54.20050131

Details

VuXML ID d8e55d65-81d6-11d9-a9e7-0001020eed82
Discovery 2004-12-12
Entry 2005-02-18

Giovanni Delvecchio reports:

Opera for linux uses "kfmclient exec" as "Default Application" to handle saved files. This could be used by malicious remote users to execute arbitrary shell commands on a target system.

[source]

References

CVE Name CVE-2004-1491
URL http://secunia.com/advisories/13447/
URL http://www.opera.com/freebsd/changelogs/754u2/
URL http://www.zone-h.org/advisories/read/id=6503

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.