Vulnerability Name:

CVE-2002-0898 (CCN-9188)

Assigned:2002-05-27
Published:2002-05-27
Updated:2016-10-18
Summary:Opera 6.0.1 and 6.0.2 allows a remote web site to upload arbitrary files from the client system, without prompting the client, via an input type=file tag whose value contains a newline.
CVSS v3 Severity:5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): None
Integrity (I): Low
Availibility (A): None
CVSS v2 Severity:5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availibility (A): None
5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Athentication (Au): None
Impact Metrics:Confidentiality (C): None
Integrity (I): Partial
Availibility (A): None
Vulnerability Type:CWE-Other
Vulnerability Consequences:Obtain Information
References:Source: MITRE
Type: CNA
CVE-2002-0898

Source: NTBUGTRAQ
Type: UNKNOWN
20020527 Reading ANY local file in Opera (GM#001-OP)

Source: BUGTRAQ
Type: UNKNOWN
20020527 Reading ANY local file in Opera (GM#001-OP)

Source: CCN
Type: GreyMagic Security Advisory GM#001-OP
Reading ANY local file in Opera

Source: XF
Type: Exploit, Patch, Vendor Advisory
opera-browser-file-retrieval(9188)

Source: CCN
Type: Opera Web site
Download Opera

Source: CONFIRM
Type: UNKNOWN
http://www.opera.com/windows/changelog/log603.html

Source: CCN
Type: OSVDB ID: 5054
Opera File Tag Newline Arbitrary File Upload

Source: BID
Type: Exploit, Patch, Vendor Advisory
4834

Source: CCN
Type: BID-4834
Opera Arbitrary File Disclosure Vulnerability

Source: XF
Type: UNKNOWN
opera-browser-file-retrieval(9188)

Vulnerable Configuration:Configuration 1:
  • cpe:/a:opera_software:opera_web_browser:6.0.1:*:win32:*:*:*:*:*
  • OR cpe:/a:opera_software:opera_web_browser:6.0.2:*:win32:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    opera_software opera web browser 6.0.1
    opera_software opera web browser 6.0.2