CVE-2008-2715

Current Description

Unspecified vulnerability in Opera before 9.5 allows remote attackers to read cross-domain images via HTML CANVAS elements that use the images as patterns.

Basic Data

PublishedJune 16, 2008
Last ModifiedAugust 08, 2017
Assignercve@mitre.org
Data TypeCVE
Data FormatMITRE
Data Version4.0
Problem TypeCWE-200
CVE Data Version4.0

Base Metric V2

CVSS 2 - Version2.0
CVSS 2 - Vector StringAV:N/AC:L/Au:N/C:P/I:N/A:N
CVSS 2 - Access VectorNETWORK
CVSS 2 - Access ComplexityLOW
CVSS 2 - AuthenticationNONE
CVSS 2 - Confidentiality ImpactPARTIAL
CVSS 2 - Availability ImpactNONE
CVSS 2 - Base Score5.0
SeverityMEDIUM
Exploitability Score10.0
Impact Score2.9
Obtain All Privilegefalse
Obtain User Privilegefalse
Obtain Other Privilegefalse

Base Metric V3

No data provided.

Configurations

  • OR - Configuration 1
    Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
    2.3ApplicationOperaOpera Browser1.00*******
    2.3ApplicationOperaOpera Browser2.00*******
    2.3ApplicationOperaOpera Browser2.10*******
    2.3ApplicationOperaOpera Browser2.10beta1******
    2.3ApplicationOperaOpera Browser2.10beta2******
    2.3ApplicationOperaOpera Browser2.10beta3******
    2.3ApplicationOperaOpera Browser2.12*******
    2.3ApplicationOperaOpera Browser3.00*******
    2.3ApplicationOperaOpera Browser3.00beta******
    2.3ApplicationOperaOpera Browser3.10*******
    2.3ApplicationOperaOpera Browser3.21*******
    2.3ApplicationOperaOpera Browser3.50*******
    2.3ApplicationOperaOpera Browser3.51*******
    2.3ApplicationOperaOpera Browser3.60*******
    2.3ApplicationOperaOpera Browser3.61*******
    2.3ApplicationOperaOpera Browser3.62*******
    2.3ApplicationOperaOpera Browser3.62beta******
    2.3ApplicationOperaOpera Browser4.00*******
    2.3ApplicationOperaOpera Browser4.00beta2******
    2.3ApplicationOperaOpera Browser4.00beta3******
    2.3ApplicationOperaOpera Browser4.00beta4******
    2.3ApplicationOperaOpera Browser4.00beta5******
    2.3ApplicationOperaOpera Browser4.00beta6******
    2.3ApplicationOperaOpera Browser4.01*******
    2.3ApplicationOperaOpera Browser4.02*******
    2.3ApplicationOperaOpera Browser5.0*******
    2.3ApplicationOperaOpera Browser5.0beta2******
    2.3ApplicationOperaOpera Browser5.0beta3******
    2.3ApplicationOperaOpera Browser5.0beta4******
    2.3ApplicationOperaOpera Browser5.0beta5******
    2.3ApplicationOperaOpera Browser5.0beta6******
    2.3ApplicationOperaOpera Browser5.0beta7******
    2.3ApplicationOperaOpera Browser5.0beta8******
    2.3ApplicationOperaOpera Browser5.02*******
    2.3ApplicationOperaOpera Browser5.10*******
    2.3ApplicationOperaOpera Browser5.11*******
    2.3ApplicationOperaOpera Browser5.12*******
    2.3ApplicationOperaOpera Browser6.0*******
    2.3ApplicationOperaOpera Browser6.0beta1******
    2.3ApplicationOperaOpera Browser6.0beta2******
    2.3ApplicationOperaOpera Browser6.0tp1******
    2.3ApplicationOperaOpera Browser6.0tp2******
    2.3ApplicationOperaOpera Browser6.0tp3******
    2.3ApplicationOperaOpera Browser6.01*******
    2.3ApplicationOperaOpera Browser6.1*******
    2.3ApplicationOperaOpera Browser6.1beta1******
    2.3ApplicationOperaOpera Browser6.02*******
    2.3ApplicationOperaOpera Browser6.03*******
    2.3ApplicationOperaOpera Browser6.04*******
    2.3ApplicationOperaOpera Browser6.05*******
    2.3ApplicationOperaOpera Browser6.06*******
    2.3ApplicationOperaOpera Browser6.11*******
    2.3ApplicationOperaOpera Browser6.12*******
    2.3ApplicationOperaOpera Browser7.0*******
    2.3ApplicationOperaOpera Browser7.0beta1******
    2.3ApplicationOperaOpera Browser7.0beta1_v2******
    2.3ApplicationOperaOpera Browser7.0beta2******
    2.3ApplicationOperaOpera Browser7.01*******
    2.3ApplicationOperaOpera Browser7.02*******
    2.3ApplicationOperaOpera Browser7.03*******
    2.3ApplicationOperaOpera Browser7.10*******
    2.3ApplicationOperaOpera Browser7.10beta1******
    2.3ApplicationOperaOpera Browser7.11*******
    2.3ApplicationOperaOpera Browser7.11beta2******
    2.3ApplicationOperaOpera Browser7.20*******
    2.3ApplicationOperaOpera Browser7.20beta7******
    2.3ApplicationOperaOpera Browser7.21*******
    2.3ApplicationOperaOpera Browser7.22*******
    2.3ApplicationOperaOpera Browser7.23*******
    2.3ApplicationOperaOpera Browser7.50*******
    2.3ApplicationOperaOpera Browser7.50beta1******
    2.3ApplicationOperaOpera Browser7.51*******
    2.3ApplicationOperaOpera Browser7.52*******
    2.3ApplicationOperaOpera Browser7.53*******
    2.3ApplicationOperaOpera Browser7.54*******
    2.3ApplicationOperaOpera Browser7.54update1******
    2.3ApplicationOperaOpera Browser7.54update2******
    2.3ApplicationOperaOpera Browser7.60*******
    2.3ApplicationOperaOpera Browser8.0*******
    2.3ApplicationOperaOpera Browser8.0beta1******
    2.3ApplicationOperaOpera Browser8.0beta2******
    2.3ApplicationOperaOpera Browser8.0beta3******
    2.3ApplicationOperaOpera Browser8.01*******
    2.3ApplicationOperaOpera Browser8.02*******
    2.3ApplicationOperaOpera Browser8.50*******
    2.3ApplicationOperaOpera Browser8.51*******
    2.3ApplicationOperaOpera Browser8.52*******
    2.3ApplicationOperaOpera Browser8.53*******
    2.3ApplicationOperaOpera Browser8.54*******
    2.3ApplicationOperaOpera Browser9.0*******
    2.3ApplicationOperaOpera Browser9.0beta1******
    2.3ApplicationOperaOpera Browser9.0beta2******
    2.3ApplicationOperaOpera Browser9.01*******
    2.3ApplicationOperaOpera Browser9.02*******
    2.3ApplicationOperaOpera Browser9.10*******
    2.3ApplicationOperaOpera Browser9.12*******
    2.3ApplicationOperaOpera Browser9.20*******
    2.3ApplicationOperaOpera Browser9.20beta1******
    2.3ApplicationOperaOpera Browser9.21*******
    2.3ApplicationOperaOpera Browser9.22*******
    2.3ApplicationOperaOpera Browser9.23*******
    2.3ApplicationOperaOpera Browser9.24*******
    2.3ApplicationOperaOpera Browser9.25*******
    2.3ApplicationOperaOpera Browser9.26*******
    2.3ApplicationOperaOpera Browser9.27*******
    2.3ApplicationOperaOpera Browser9.50*******
    2.3ApplicationOperaOpera Browser9.50beta1******
    2.3ApplicationOperaOpera Browser*beta2******9.50

Vulnerable Software List

VendorProductVersions
Opera Opera Browser *, 1.00, 2.00, 2.10, 2.12, 3.00, 3.10, 3.21, 3.50, 3.51, 3.60, 3.61, 3.62, 4.00, 4.01, 4.02, 5.0, 5.02, 5.10, 5.11, 5.12, 6.0, 6.01, 6.02, 6.03, 6.04, 6.05, 6.06, 6.1, 6.11, 6.12, 7.0, 7.01, 7.02, 7.03, 7.10, 7.11, 7.20, 7.21, 7.22, 7.23, 7.50, 7.51, 7.52, 7.53, 7.54, 7.60, 8.0, 8.01, 8.02, 8.50, 8.51, 8.52, 8.53, 8.54, 9.0, 9.01, 9.02, 9.10, 9.12, 9.20, 9.21, 9.22, 9.23, 9.24, 9.25, 9.26, 9.27, 9.50

References

NameSourceURLTags
SUSE-SA:2008:029http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00005.htmlSUSE
30636http://secunia.com/advisories/30636SECUNIAVendor Advisory
30682http://secunia.com/advisories/30682SECUNIA
http://www.opera.com/docs/changelogs/linux/950/#securityhttp://www.opera.com/docs/changelogs/linux/950/#securityCONFIRM
http://www.opera.com/docs/changelogs/windows/950/#securityhttp://www.opera.com/docs/changelogs/windows/950/#securityCONFIRM
http://www.opera.com/support/search/view/883/http://www.opera.com/support/search/view/883/CONFIRMPATCH
29684http://www.securityfocus.com/bid/29684BID
1020291http://www.securitytracker.com/id?1020291SECTRACK
ADV-2008-1812http://www.vupen.com/english/advisories/2008/1812VUPEN
opera-html-canvas-info-disclosure(43032)https://exchange.xforce.ibmcloud.com/vulnerabilities/43032XF