CVE-2014-0815

CWE-200 — Information Exposure3 documents3 sources

Severity

4.3MEDIUM

EPSS

0.4%

top 40.88%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Opera Opera Browser

Timeline

PublishedFeb 6

Latest updateMay 17

Description

The intent: URL implementation in Opera before 18 on Android allows attackers to read local files by leveraging an interaction error, as demonstrated by reading stored cookies.

CVSS vector

AV:N/AC:M/C:P/I:N/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages1 packages

▶NVDopera/opera_browser17.00+41

🔴Vulnerability Details

GHSA

GHSA-x8vq-w9vg-j573: The intent: URL implementation in Opera before 18 on Android allows attackers to read local files by leveraging an interaction error, as demonstrated↗2022-05-17

▶

CVEList

CVE-2014-0815: The intent: URL implementation in Opera before 18 on Android allows attackers to read local files by leveraging an interaction error, as demonstrated↗2014-02-06

▶