CVE-2008-4197
First published: Sat Sep 27 2008(Updated: )
Opera before 9.52 on Windows, Linux, FreeBSD, and Solaris, when processing custom shortcut and menu commands, can produce argument strings that contain uninitialized memory, which might allow user-assisted remote attackers to execute arbitrary code or conduct other attacks via vectors related to activation of a shortcut.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| Opera | <9.52 | |
| Any of | ||
| FreeBSD FreeBSD | ||
| Linux kernel | ||
| Microsoft Windows | ||
| Oracle Solaris and Zettabyte File System (ZFS) | ||
| Opera | <=9.51 | |
| FreeBSD FreeBSD | ||
| Linux | ||
| Microsoft Windows | ||
| Oracle Solaris and Zettabyte File System (ZFS) |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.openwall.com/lists/oss-security/2008/09/19/2
- http://www.opera.com/docs/changelogs/solaris/952/
- http://www.opera.com/docs/changelogs/freebsd/952/
- http://www.openwall.com/lists/oss-security/2008/09/24/4
- http://www.opera.com/docs/changelogs/linux/952/
- http://bugs.gentoo.org/show_bug.cgi?id=235298
- http://www.opera.com/docs/changelogs/windows/952/
- http://www.opera.com/support/search/view/894/
- http://security.gentoo.org/glsa/glsa-200811-01.xml
- http://secunia.com/advisories/32538
- http://secunia.com/advisories/31549
- http://www.securitytracker.com/id?1020720
- http://www.securityfocus.com/bid/30768
- http://www.vupen.com/english/advisories/2008/2416
- https://exchange.xforce.ibmcloud.com/vulnerabilities/44552
Frequently Asked Questions
What is the severity of CVE-2008-4197?
CVE-2008-4197 is considered to have a medium severity level due to the potential for remote code execution.
How do I fix CVE-2008-4197?
To fix CVE-2008-4197, upgrade Opera to version 9.52 or later.
Which versions of Opera are affected by CVE-2008-4197?
CVE-2008-4197 affects Opera versions prior to 9.52, specifically versions up to 9.51.
What platforms are impacted by CVE-2008-4197?
CVE-2008-4197 impacts Opera on Windows, Linux, FreeBSD, and Solaris.
Can CVE-2008-4197 lead to data compromises?
Yes, CVE-2008-4197 can allow remote attackers to execute arbitrary code, which may lead to data compromises.
- collector/nvd-historical
- agent/type
- agent/severity
- agent/weakness
- agent/references
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/source
- agent/author
- agent/softwarecombine
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/opera
- canonical/opera
- vendor/freebsd
- canonical/freebsd freebsd
- vendor/linux
- canonical/linux kernel
- vendor/microsoft
- canonical/microsoft windows
- vendor/oracle
- canonical/oracle solaris and zettabyte file system (zfs)
- version/opera/9.51
- canonical/linux
- vendor/sun