Description
Opera 7.54 and earlier uses kfmclient exec to handle unknown MIME types, which allows remote attackers to execute arbitrary code via a shortcut or launcher that contains an Exec entry.
Product(s):
- Opera Browser
- Opera Browser 1.00
- Opera Browser 2.00
- Opera Browser 2.10
- Opera Browser 2.10b1
- Opera Browser 2.10b2
- Opera Browser 2.10b3
- Opera Browser 2.12
- Opera Browser 3.00
- Opera Browser 3.00b
- Opera Browser 3.10
- Opera Browser 3.21
- Opera Browser 3.50
- Opera Browser 3.51
- Opera Browser 3.60
- Opera Browser 3.61
- Opera Browser 3.62
- Opera Browser 3.62b
- Opera Browser 4.00
- Opera Browser 4.00b2
- Opera Browser 4.00b3
- Opera Browser 4.00b4
- Opera Browser 4.00b5
- Opera Browser 4.00b6
- Opera Browser 4.01
- Opera Browser 4.02
- Opera Browser 5.02
- Opera Browser 5.0
- Opera Browser 5.0 beta 2
- Opera Browser 5.0 beta 3
- Opera Browser 5.0 beta 4
- Opera Browser 5.0 beta 5
- Opera Browser 5.0 beta 6
- Opera Browser 5.0 beta 7
- Opera Browser 5.0 beta 8
- Opera Browser 5.10
- Opera Browser 5.11
- Opera Browser 5.12
- Opera Browser 6.01
- Opera Browser 6.02
- Opera Browser 6.03
- Opera Browser 6.04
- Opera Browser 6.05
- Opera Browser 6.06
- Opera Browser 6.0
- Opera Browser 6.0 beta 1
- Opera Browser 6.0 beta 2
- Opera Browser 6.0 beta 3
- Opera Browser 6.0 TP 1
- Opera Browser 6.0 TP 2
- Opera Browser 6.0 TP 3
- Opera Browser 6.10
- Opera Browser 6.11
- Opera Browser 6.12
- Opera Browser 6.1
- Opera Browser 6.1 beta 1
- Opera Browser 7.01
- Opera Browser 7.02
- Opera Browser 7.03
- Opera Browser 7.0
- Opera Browser 7.0 beta 1
- Opera Browser 7.0 beta 1 v2
- Opera Browser 7.0 beta 2
- Opera Browser 7.10
- Opera Browser 7.10 beta 1
- Opera Browser 7.11
- Opera Browser 7.11 beta 2
- Opera Browser 7.20
- Opera Browser 7.20 beta 7
- Opera Browser 7.21
- Opera Browser 7.22
- Opera Browser 7.23
- Opera Browser 7.30
- Opera Browser 7.50
- Opera Browser 7.50 beta 1
- Opera Browser 7.51
- Opera Browser 7.52
- Opera Browser 7.53
- Opera Browser 7.54
- Opera Browser 7.54 update 1
- Opera Browser 7.54 update 2
- Gentoo Linux
- Gentoo Linux 1.2
- Gentoo Linux 1.4
- Gentoo Linux 1.4 -
- Gentoo Linux 1.4 rc1
- Gentoo Linux 1.4 rc2
- Gentoo Linux 1.4 rc3
- Gentoo Linux 2.1.30 r9
- Gentoo Linux 2.2.28 r7
- Gentoo Linux 2.3.30 r2
- KDE KDE 3.2.3
- SuSE SuSE Linux 1.0
- SuSE SuSE Linux 2.0
- SuSE SuSE Linux 3.0
- SuSE SuSE Linux 4.0
- SuSE SuSE Linux 4.2
- SuSE SuSE Linux 4.3
- +28 additional
Question to Ask Vendors:
- Can you confirm whether your systems are affected by CVE-2004-1491, and if so, what steps are you currently taking to mitigate this vulnerability?
- What is your estimated timeline for fully resolving CVE-2004-1491 in your products or services, and how will you communicate updates on this issue to us as your customer?
Recommended Actions:
- Check out the advisory links provided below.