certfr_avis - certa-2007-avi-445

CERTA-2007-AVI-445

Vulnerability from certfr_avis

De multiples vulnérabilités touchent le navigateur Opera permettant l'exécution de code arbitraire à distance.

Description

Une vulnérabilité permettrait à un individu malveillant de lancer un client de messagerie ou de newsgroup externe à l'application et de compromettre ainsi le système de l'utilisateur par l'exécution de code arbitraire. Cette vulnérabilité est à mettre en relation avec l'alerte du CERTA sur la gestion des URI par Microsoft Windows ;
Une vulnérabilité exploitant une erreur dans la gestion de frame provenant de différents sites web permettrait l'exécution de code arbitraire par le navigateur ;
Une vulnérabilité touche les utilisateurs d'Opera sur Mac OS X avec Adobe Flash Player 9.0.47.0 et les versions antérieures. L'impact de cette vulnérabilité n'est pas encore connu.

Solution

Se référer au bulletin de sécurité d'Opera pour l'obtention des correctifs (cf. section Documentation).

Opera 9.x et les versions antérieures.

Impacted products

	Vendor	Product	Description

References

Title

Publication Time

Tags

Bulletins de sécurité Opera 866, 867 et 868	None	vendor-advisory
Bulletin de sécurité d'Opera 866 :	-	other
Alerte du CERTA du 11 octobre 2007 sur le traitement des URI sous Windows :	-	other
Bulletin de sécurité d'Opera 868 :	-	other
Bulletin de sécurité d'Opera 867 :	-	other

Show details on source website

JSON

To clipboard

{
  "$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
  "affected_systems": [],
  "affected_systems_content": "\u003cp\u003eOpera 9.x et les versions ant\u00e9rieures.\u003c/p\u003e",
  "content": "## Description\n\n-   Une vuln\u00e9rabilit\u00e9 permettrait \u00e0 un individu malveillant de lancer un\n    client de messagerie ou de newsgroup externe \u00e0 l\u0027application et de\n    compromettre ainsi le syst\u00e8me de l\u0027utilisateur par l\u0027ex\u00e9cution de\n    code arbitraire. Cette vuln\u00e9rabilit\u00e9 est \u00e0 mettre en relation avec\n    l\u0027alerte du CERTA sur la gestion des URI par Microsoft Windows ;\n-   Une vuln\u00e9rabilit\u00e9 exploitant une erreur dans la gestion de frame\n    provenant de diff\u00e9rents sites web permettrait l\u0027ex\u00e9cution de code\n    arbitraire par le navigateur ;\n-   Une vuln\u00e9rabilit\u00e9 touche les utilisateurs d\u0027Opera sur Mac OS X avec\n    Adobe Flash Player 9.0.47.0 et les versions ant\u00e9rieures. L\u0027impact de\n    cette vuln\u00e9rabilit\u00e9 n\u0027est pas encore connu.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 d\u0027Opera pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
  "cves": [
    {
      "name": "CVE-2007-5476",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5476"
    },
    {
      "name": "CVE-2007-5541",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5541"
    },
    {
      "name": "CVE-2007-5540",
      "url": "https://www.cve.org/CVERecord?id=CVE-2007-5540"
    }
  ],
  "initial_release_date": "2007-10-18T00:00:00",
  "last_revision_date": "2007-10-18T00:00:00",
  "links": [
    {
      "title": "Bulletin de s\u00e9curit\u00e9 d\u0027Opera 866 :",
      "url": "http://www.opera.com/support/search/view/866"
    },
    {
      "title": "Alerte du CERTA du 11 octobre 2007 sur le traitement des    URI sous Windows :",
      "url": "http://www.certa.ssi.gouv.fr/site/CERTA-2007-ALE-015/index.html"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 d\u0027Opera 868 :",
      "url": "http://www.opera.com/support/search/view/868"
    },
    {
      "title": "Bulletin de s\u00e9curit\u00e9 d\u0027Opera 867 :",
      "url": "http://www.opera.com/support/search/view/867"
    }
  ],
  "reference": "CERTA-2007-AVI-445",
  "revisions": [
    {
      "description": "version initiale.",
      "revision_date": "2007-10-18T00:00:00.000000"
    }
  ],
  "risks": [
    {
      "description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
    }
  ],
  "summary": "De multiples vuln\u00e9rabilit\u00e9s touchent le navigateur Opera permettant\nl\u0027ex\u00e9cution de code arbitraire \u00e0 distance.\n",
  "title": "Multiples vuln\u00e9rabilit\u00e9s dans Opera",
  "vendor_advisories": [
    {
      "published_at": null,
      "title": "Bulletins de s\u00e9curit\u00e9 Opera 866, 867 et 868",
      "url": null
    }
  ]
}

CVE-2007-5541 (GCVE-0-2007-5541)

Vulnerability from cvelistv5

Published

2007-10-18 00:00

Modified

2024-08-07 15:31

Severity ?

CWE

Summary

Unspecified vulnerability in Opera before 9.24, when using an "external" newsgroup or e-mail client, allows remote attackers to execute arbitrary commands via unknown vectors.

References

URL

Tags

	http://www.securityfocus.com/bid/26100	vdb-entry, x_refsource_BID
	http://secunia.com/advisories/27431	third-party-advisory, x_refsource_SECUNIA
	http://osvdb.org/38126	vdb-entry, x_refsource_OSVDB
	http://security.gentoo.org/glsa/glsa-200710-31.xml	vendor-advisory, x_refsource_GENTOO
	https://exchange.xforce.ibmcloud.com/vulnerabilities/37271	vdb-entry, x_refsource_XF
	http://www.opera.com/support/search/view/866/	x_refsource_CONFIRM
	http://secunia.com/advisories/27399	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/27277	third-party-advisory, x_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2007/3529	vdb-entry, x_refsource_VUPEN
	http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00008.html	vendor-advisory, x_refsource_SUSE
	http://bugs.gentoo.org/show_bug.cgi?id=196164	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T15:31:59.026Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "26100",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/26100"
          },
          {
            "name": "27431",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27431"
          },
          {
            "name": "38126",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/38126"
          },
          {
            "name": "GLSA-200710-31",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200710-31.xml"
          },
          {
            "name": "opera-unspecified-code-execution(37271)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37271"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.opera.com/support/search/view/866/"
          },
          {
            "name": "27399",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27399"
          },
          {
            "name": "27277",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27277"
          },
          {
            "name": "ADV-2007-3529",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/3529"
          },
          {
            "name": "SUSE-SR:2007:022",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00008.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://bugs.gentoo.org/show_bug.cgi?id=196164"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-10-17T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in Opera before 9.24, when using an \"external\" newsgroup or e-mail client, allows remote attackers to execute arbitrary commands via unknown vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-28T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "26100",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/26100"
        },
        {
          "name": "27431",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27431"
        },
        {
          "name": "38126",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/38126"
        },
        {
          "name": "GLSA-200710-31",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200710-31.xml"
        },
        {
          "name": "opera-unspecified-code-execution(37271)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37271"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.opera.com/support/search/view/866/"
        },
        {
          "name": "27399",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27399"
        },
        {
          "name": "27277",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27277"
        },
        {
          "name": "ADV-2007-3529",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/3529"
        },
        {
          "name": "SUSE-SR:2007:022",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00008.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://bugs.gentoo.org/show_bug.cgi?id=196164"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-5541",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in Opera before 9.24, when using an \"external\" newsgroup or e-mail client, allows remote attackers to execute arbitrary commands via unknown vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "26100",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/26100"
            },
            {
              "name": "27431",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27431"
            },
            {
              "name": "38126",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/38126"
            },
            {
              "name": "GLSA-200710-31",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-200710-31.xml"
            },
            {
              "name": "opera-unspecified-code-execution(37271)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37271"
            },
            {
              "name": "http://www.opera.com/support/search/view/866/",
              "refsource": "CONFIRM",
              "url": "http://www.opera.com/support/search/view/866/"
            },
            {
              "name": "27399",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27399"
            },
            {
              "name": "27277",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27277"
            },
            {
              "name": "ADV-2007-3529",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/3529"
            },
            {
              "name": "SUSE-SR:2007:022",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00008.html"
            },
            {
              "name": "http://bugs.gentoo.org/show_bug.cgi?id=196164",
              "refsource": "CONFIRM",
              "url": "http://bugs.gentoo.org/show_bug.cgi?id=196164"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-5541",
    "datePublished": "2007-10-18T00:00:00",
    "dateReserved": "2007-10-17T00:00:00",
    "dateUpdated": "2024-08-07T15:31:59.026Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2007-5476 (GCVE-0-2007-5476)

Vulnerability from cvelistv5

Published

2007-10-18 00:00

Modified

2024-08-07 15:31

Severity ?

CWE

Summary

Unspecified vulnerability in Adobe Flash Player 9.0.47.0 and earlier, when running on Opera before 9.24 on Mac OS X, has unknown "Highly Severe" impact and unknown attack vectors.

References

URL

Tags

	https://exchange.xforce.ibmcloud.com/vulnerabilities/37250	vdb-entry, x_refsource_XF
	http://www.vupen.com/english/advisories/2007/4238	vdb-entry, x_refsource_VUPEN
	http://secunia.com/advisories/30507	third-party-advisory, x_refsource_SECUNIA
	http://www.us-cert.gov/cas/techalerts/TA07-352A.html	third-party-advisory, x_refsource_CERT
	http://secunia.com/advisories/28136	third-party-advisory, x_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2008/1724/references	vdb-entry, x_refsource_VUPEN
	http://www.us-cert.gov/cas/techalerts/TA07-355A.html	third-party-advisory, x_refsource_CERT
	http://www.securitytracker.com/id?1018830	vdb-entry, x_refsource_SECTRACK
	http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html	vendor-advisory, x_refsource_APPLE
	http://www.adobe.com/support/security/advisories/apsa07-05.html	x_refsource_CONFIRM
	http://secunia.com/advisories/28161	third-party-advisory, x_refsource_SECUNIA
	http://docs.info.apple.com/article.html?artnum=307179	x_refsource_CONFIRM
	http://sunsolve.sun.com/search/document.do?assetkey=1-26-238305-1	vendor-advisory, x_refsource_SUNALERT
	http://www.vupen.com/english/advisories/2007/4258	vdb-entry, x_refsource_VUPEN
	http://www.opera.com/support/search/view/868/	x_refsource_CONFIRM
	http://www.securityfocus.com/bid/26274	vdb-entry, x_refsource_BID
	http://www.adobe.com/support/security/bulletins/apsb07-20.html	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T15:31:58.912Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "flash-opera-macosx-unspecified(37250)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37250"
          },
          {
            "name": "ADV-2007-4238",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/4238"
          },
          {
            "name": "30507",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/30507"
          },
          {
            "name": "TA07-352A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA07-352A.html"
          },
          {
            "name": "28136",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28136"
          },
          {
            "name": "ADV-2008-1724",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/1724/references"
          },
          {
            "name": "TA07-355A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA07-355A.html"
          },
          {
            "name": "1018830",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id?1018830"
          },
          {
            "name": "APPLE-SA-2007-12-17",
            "tags": [
              "vendor-advisory",
              "x_refsource_APPLE",
              "x_transferred"
            ],
            "url": "http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.adobe.com/support/security/advisories/apsa07-05.html"
          },
          {
            "name": "28161",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28161"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://docs.info.apple.com/article.html?artnum=307179"
          },
          {
            "name": "238305",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUNALERT",
              "x_transferred"
            ],
            "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-238305-1"
          },
          {
            "name": "ADV-2007-4258",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/4258"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.opera.com/support/search/view/868/"
          },
          {
            "name": "26274",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/26274"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.adobe.com/support/security/bulletins/apsb07-20.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-10-17T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in Adobe Flash Player 9.0.47.0 and earlier, when running on Opera before 9.24 on Mac OS X, has unknown \"Highly Severe\" impact and unknown attack vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-28T12:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "flash-opera-macosx-unspecified(37250)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37250"
        },
        {
          "name": "ADV-2007-4238",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/4238"
        },
        {
          "name": "30507",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/30507"
        },
        {
          "name": "TA07-352A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA07-352A.html"
        },
        {
          "name": "28136",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28136"
        },
        {
          "name": "ADV-2008-1724",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/1724/references"
        },
        {
          "name": "TA07-355A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA07-355A.html"
        },
        {
          "name": "1018830",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id?1018830"
        },
        {
          "name": "APPLE-SA-2007-12-17",
          "tags": [
            "vendor-advisory",
            "x_refsource_APPLE"
          ],
          "url": "http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.adobe.com/support/security/advisories/apsa07-05.html"
        },
        {
          "name": "28161",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28161"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://docs.info.apple.com/article.html?artnum=307179"
        },
        {
          "name": "238305",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUNALERT"
          ],
          "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-238305-1"
        },
        {
          "name": "ADV-2007-4258",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/4258"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.opera.com/support/search/view/868/"
        },
        {
          "name": "26274",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/26274"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.adobe.com/support/security/bulletins/apsb07-20.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-5476",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in Adobe Flash Player 9.0.47.0 and earlier, when running on Opera before 9.24 on Mac OS X, has unknown \"Highly Severe\" impact and unknown attack vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "flash-opera-macosx-unspecified(37250)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/37250"
            },
            {
              "name": "ADV-2007-4238",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/4238"
            },
            {
              "name": "30507",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/30507"
            },
            {
              "name": "TA07-352A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA07-352A.html"
            },
            {
              "name": "28136",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28136"
            },
            {
              "name": "ADV-2008-1724",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/1724/references"
            },
            {
              "name": "TA07-355A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA07-355A.html"
            },
            {
              "name": "1018830",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id?1018830"
            },
            {
              "name": "APPLE-SA-2007-12-17",
              "refsource": "APPLE",
              "url": "http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html"
            },
            {
              "name": "http://www.adobe.com/support/security/advisories/apsa07-05.html",
              "refsource": "CONFIRM",
              "url": "http://www.adobe.com/support/security/advisories/apsa07-05.html"
            },
            {
              "name": "28161",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28161"
            },
            {
              "name": "http://docs.info.apple.com/article.html?artnum=307179",
              "refsource": "CONFIRM",
              "url": "http://docs.info.apple.com/article.html?artnum=307179"
            },
            {
              "name": "238305",
              "refsource": "SUNALERT",
              "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-26-238305-1"
            },
            {
              "name": "ADV-2007-4258",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/4258"
            },
            {
              "name": "http://www.opera.com/support/search/view/868/",
              "refsource": "CONFIRM",
              "url": "http://www.opera.com/support/search/view/868/"
            },
            {
              "name": "26274",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/26274"
            },
            {
              "name": "http://www.adobe.com/support/security/bulletins/apsb07-20.html",
              "refsource": "CONFIRM",
              "url": "http://www.adobe.com/support/security/bulletins/apsb07-20.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-5476",
    "datePublished": "2007-10-18T00:00:00",
    "dateReserved": "2007-10-16T00:00:00",
    "dateUpdated": "2024-08-07T15:31:58.912Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2007-5540 (GCVE-0-2007-5540)

Vulnerability from cvelistv5

Published

2007-10-18 00:00

Modified

2024-08-07 15:31

Severity ?

CWE

Summary

Unspecified vulnerability in Opera before 9.24 allows remote attackers to overwrite functions on pages from other domains and bypass the same-origin policy via unknown vectors.

References

URL

Tags

	http://osvdb.org/38127	vdb-entry, x_refsource_OSVDB
	http://secunia.com/advisories/27431	third-party-advisory, x_refsource_SECUNIA
	http://www.securityfocus.com/bid/26102	vdb-entry, x_refsource_BID
	http://security.gentoo.org/glsa/glsa-200710-31.xml	vendor-advisory, x_refsource_GENTOO
	http://www.opera.com/support/search/view/867/	x_refsource_CONFIRM
	http://secunia.com/advisories/27399	third-party-advisory, x_refsource_SECUNIA
	http://secunia.com/advisories/27277	third-party-advisory, x_refsource_SECUNIA
	http://www.vupen.com/english/advisories/2007/3529	vdb-entry, x_refsource_VUPEN
	http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00008.html	vendor-advisory, x_refsource_SUSE
	http://bugs.gentoo.org/show_bug.cgi?id=196164	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T15:31:58.746Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "38127",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://osvdb.org/38127"
          },
          {
            "name": "27431",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27431"
          },
          {
            "name": "26102",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/26102"
          },
          {
            "name": "GLSA-200710-31",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200710-31.xml"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.opera.com/support/search/view/867/"
          },
          {
            "name": "27399",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27399"
          },
          {
            "name": "27277",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/27277"
          },
          {
            "name": "ADV-2007-3529",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2007/3529"
          },
          {
            "name": "SUSE-SR:2007:022",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00008.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://bugs.gentoo.org/show_bug.cgi?id=196164"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2007-10-17T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in Opera before 9.24 allows remote attackers to overwrite functions on pages from other domains and bypass the same-origin policy via unknown vectors."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2007-11-07T10:00:00",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "38127",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://osvdb.org/38127"
        },
        {
          "name": "27431",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27431"
        },
        {
          "name": "26102",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/26102"
        },
        {
          "name": "GLSA-200710-31",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200710-31.xml"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.opera.com/support/search/view/867/"
        },
        {
          "name": "27399",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27399"
        },
        {
          "name": "27277",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/27277"
        },
        {
          "name": "ADV-2007-3529",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2007/3529"
        },
        {
          "name": "SUSE-SR:2007:022",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00008.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://bugs.gentoo.org/show_bug.cgi?id=196164"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2007-5540",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in Opera before 9.24 allows remote attackers to overwrite functions on pages from other domains and bypass the same-origin policy via unknown vectors."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "38127",
              "refsource": "OSVDB",
              "url": "http://osvdb.org/38127"
            },
            {
              "name": "27431",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27431"
            },
            {
              "name": "26102",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/26102"
            },
            {
              "name": "GLSA-200710-31",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-200710-31.xml"
            },
            {
              "name": "http://www.opera.com/support/search/view/867/",
              "refsource": "CONFIRM",
              "url": "http://www.opera.com/support/search/view/867/"
            },
            {
              "name": "27399",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27399"
            },
            {
              "name": "27277",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/27277"
            },
            {
              "name": "ADV-2007-3529",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2007/3529"
            },
            {
              "name": "SUSE-SR:2007:022",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00008.html"
            },
            {
              "name": "http://bugs.gentoo.org/show_bug.cgi?id=196164",
              "refsource": "CONFIRM",
              "url": "http://bugs.gentoo.org/show_bug.cgi?id=196164"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2007-5540",
    "datePublished": "2007-10-18T00:00:00",
    "dateReserved": "2007-10-17T00:00:00",
    "dateUpdated": "2024-08-07T15:31:58.746Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CERTA-2007-AVI-445

Vulnerability from certfr_avis

Description

Solution

CVE-2007-5541 (GCVE-0-2007-5541)

Vulnerability from cvelistv5

CVE-2007-5476 (GCVE-0-2007-5476)

Vulnerability from cvelistv5

CVE-2007-5540 (GCVE-0-2007-5540)

Vulnerability from cvelistv5

Tags

Sightings

Nomenclature