CVE-2005-0457

EPSS 0.04%
Veröffentlicht 02.05.2005 04:00:00
Zuletzt bearbeitet 03.04.2025 01:03:51
Quelle cve@mitre.org
Teams Watchlist Login
Unerledigt Login

Opera 7.54 and earlier on Gentoo Linux uses an insecure path for plugins, which could allow local users to gain privileges by inserting malicious libraries into the PORTAGE_TMPDIR (portage) temporary directory.

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Opera ≫ Opera Browser Version <= 7.54

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.04%	0.089

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.2	3.9	10	AV:L/AC:L/Au:N/C:C/I:C/A:C

CWE-427 Uncontrolled Search Path Element

The product uses a fixed or controlled search path to find resources, but one or more locations in that path can be under the control of unintended actors.

http://www.gentoo.org/security/en/glsa/glsa-200502-17.xml

Patch

Third Party Advisory

Vendor Advisory

http://bugs.gentoo.org/show_bug.cgi?id=81747

Third Party Advisory

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2005-0457

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2005-0457

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2005-0457

EUVD