2.6 CVE-2004-0473

RCE

 

Argument injection vulnerability in Opera before 7.50 does not properly filter "-" characters that begin a hostname in a telnet URI, which allows remote attackers to insert options to the resulting command line and overwrite arbitrary files via (1) the "-f" option on Windows XP or (2) the "-n" option on Linux.
https://nvd.nist.gov/vuln/detail/CVE-2004-0473

Categories

CWE-88 : Improper Neutralization of Argument Delimiters in a Command ('Argument Injection')

References

BID

10341
Broken Link Third Party Advisory VDB Entry

CONFIRM

GENTOO

GLSA-200405-19
Third Party Advisory

IDEFENSE

SECTRACK

1010142
Broken Link Third Party Advisory VDB Entry

XF

opera-telnet-file-overwrite(16139)
Third Party Advisory VDB Entry


 

CPE

cpe start end
Configuration 1
cpe:2.3:a:opera:opera_browser:*:*:*:*:*:*:*:* < 7.50

Exploits

Exploit-db.com
id description date
No known exploits
Other (github, ...)
Url
No known exploits

CAPEC

id description severity
41 Using Meta-characters in E-mail Headers to Inject Malicious Payloads
High
88 OS Command Injection
High
137 Parameter Injection
Medium
174 Flash Parameter Injection
Medium
460 HTTP Parameter Pollution (HPP)
Medium

Sherlock® flash

Take a picture of your computer network in a few clicks !

The Sherlock® flash audit solution allows you to perform an audit to strengthen the security of your IT assets. Vulnerability analysis of your physical and virtual equipment. Patch planning by priority level and time available. Detailed and intuitive reporting.

Discover this offer

Sherlock® flash: 1st instant cybersecurity audit solution