CVE-2005-0457 — Uncontrolled Search Path Element in Browser

CWE-427 — Uncontrolled Search Path Element3 documents3 sources

Severity

7.2HIGHNVD

EPSS

0.0%

top 87.87%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Opera Browser

Timeline

PublishedMay 2

Latest updateMay 1

Description

Opera 7.54 and earlier on Gentoo Linux uses an insecure path for plugins, which could allow local users to gain privileges by inserting malicious libraries into the PORTAGE_TMPDIR (portage) temporary directory.

CVSS vector

AV:L/AC:L/C:C/I:C/A:CExploitability: 3.9 | Impact: 10.0

Affected Packages1 packages

▶NVDopera/opera_browser7.54

Patches

Patch: www.gentoo.org ↗Patch: www.gentoo.org ↗

🔴Vulnerability Details

GHSA

GHSA-w8vj-9447-mvg7: Opera 7↗2022-05-01

▶

CVEList

CVE-2005-0457: Opera 7↗2005-02-17

▶