Vulnerability Description
Opera 7.54 and earlier on Gentoo Linux uses an insecure path for plugins, which could allow local users to gain privileges by inserting malicious libraries into the PORTAGE_TMPDIR (portage) temporary directory.
CVSS Score
7.2
HIGH
AV:L/AC:L/Au:N/C:C/I:C/A:C
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Opera | Opera Browser | <= 7.54 |
Related Weaknesses (CWE)
References
- http://bugs.gentoo.org/show_bug.cgi?id=81747Third Party AdvisoryVendor Advisory
- http://www.gentoo.org/security/en/glsa/glsa-200502-17.xmlPatchThird Party AdvisoryVendor Advisory
- http://bugs.gentoo.org/show_bug.cgi?id=81747Third Party AdvisoryVendor Advisory
- http://www.gentoo.org/security/en/glsa/glsa-200502-17.xmlPatchThird Party AdvisoryVendor Advisory
FAQ
What is CVE-2005-0457?
CVE-2005-0457 is a vulnerability with a CVSS score of 7.2 (HIGH). Opera 7.54 and earlier on Gentoo Linux uses an insecure path for plugins, which could allow local users to gain privileges by inserting malicious libraries into the PORTAGE_TMPDIR (portage) temporary ...
How severe is CVE-2005-0457?
CVE-2005-0457 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2005-0457?
Check the references section above for vendor advisories and patch information. Affected products include: Opera Opera Browser.