FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

opera -- kfmclient exec command execution vulnerability

Affected packages
linux-opera < 7.54.20050131
opera < 7.54.20050131
opera-devel < 7.54.20050131

Details

VuXML ID d8e55d65-81d6-11d9-a9e7-0001020eed82
Discovery 2004-12-12
Entry 2005-02-18

Giovanni Delvecchio reports:

Opera for linux uses "kfmclient exec" as "Default Application" to handle saved files. This could be used by malicious remote users to execute arbitrary shell commands on a target system.

References

CVE Name CVE-2004-1491
URL http://secunia.com/advisories/13447/
URL http://www.opera.com/freebsd/changelogs/754u2/
URL http://www.zone-h.org/advisories/read/id=6503