fkie_cve-2014-0815
Vulnerability from fkie_nvd
Published
2014-02-06 22:55
Modified
2025-04-11 00:51
Severity ?
Summary
The intent: URL implementation in Opera before 18 on Android allows attackers to read local files by leveraging an interaction error, as demonstrated by reading stored cookies.
References
vultures@jpcert.or.jphttp://blogs.opera.com/security/2014/01/security-changes-features-opera-19/Vendor Advisory
vultures@jpcert.or.jphttp://jvn.jp/en/jp/JVN23256725/index.html
vultures@jpcert.or.jphttp://jvndb.jvn.jp/jvndb/JVNDB-2014-000014
vultures@jpcert.or.jphttp://www.securityfocus.com/bid/65391
vultures@jpcert.or.jphttps://exchange.xforce.ibmcloud.com/vulnerabilities/91090
af854a3a-2127-422b-91ae-364da2661108http://blogs.opera.com/security/2014/01/security-changes-features-opera-19/Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://jvn.jp/en/jp/JVN23256725/index.html
af854a3a-2127-422b-91ae-364da2661108http://jvndb.jvn.jp/jvndb/JVNDB-2014-000014
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/65391
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/91090
Impacted products
Vendor Product Version
opera opera_browser *
opera opera_browser 1.00
opera opera_browser 10.00
opera opera_browser 10.00
opera opera_browser 10.00
opera opera_browser 10.00
opera opera_browser 10.00
opera opera_browser 10.01
opera opera_browser 10.10
opera opera_browser 10.10
opera opera_browser 10.11
opera opera_browser 10.20
opera opera_browser 10.50
opera opera_browser 10.50
opera opera_browser 10.50
opera opera_browser 10.51
opera opera_browser 10.52
opera opera_browser 10.52
opera opera_browser 10.52
opera opera_browser 10.53
opera opera_browser 10.53
opera opera_browser 10.53
opera opera_browser 10.54
opera opera_browser 10.60
opera opera_browser 10.60
opera opera_browser 10.60
opera opera_browser 10.61
opera opera_browser 10.62
opera opera_browser 10.63
opera opera_browser 11.00
opera opera_browser 11.00
opera opera_browser 11.01
opera opera_browser 11.10
opera opera_browser 11.10
opera opera_browser 11.11
opera opera_browser 11.50
opera opera_browser 11.50
opera opera_browser 11.51
opera opera_browser 11.52
opera opera_browser 11.52.1100
opera opera_browser 11.60
opera opera_browser 11.60
opera opera_browser 11.61
opera opera_browser 11.62
opera opera_browser 11.64
opera opera_browser 11.65
opera opera_browser 11.66
opera opera_browser 11.67
opera opera_browser 12.00
opera opera_browser 12.00
opera opera_browser 12.01
opera opera_browser 12.02
opera opera_browser 12.10
opera opera_browser 12.10
opera opera_browser 12.11
opera opera_browser 12.12
opera opera_browser 12.13
opera opera_browser 12.14
opera opera_browser 12.15
opera opera_browser 15.00
opera opera_browser 15.00
opera opera_browser 16.00
google android *


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:opera:opera_browser:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0F51DA0-C1CB-4619-84FC-60EDBF6F95A1",
              "versionEndIncluding": "17.00",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opera:opera_browser:1.00:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F892EEF-54EC-4EC0-84B3-BD5C216AED80",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opera:opera_browser:10.00:*:*:*:*:*:*:*",
              "matchCriteriaId": "2D03F8C2-1193-45ED-B38E-C76C41A0FD9A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opera:opera_browser:10.00:alpha:*:*:*:*:*:*",
              "matchCriteriaId": "85DB12A2-D43F-47BE-9719-466BE967E30E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opera:opera_browser:10.00:beta1:*:*:*:*:*:*",
              "matchCriteriaId": "F12E0FE8-3982-453B-9C01-ABB2DE96866F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opera:opera_browser:10.00:beta2:*:*:*:*:*:*",
              "matchCriteriaId": "DA76A537-6A1B-41D8-A923-24DC77F92E0E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opera:opera_browser:10.00:beta3:*:*:*:*:*:*",
              "matchCriteriaId": "2FA36E65-596D-4E84-A15C-1DF5FA3AAC76",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opera:opera_browser:10.01:*:*:*:*:*:*:*",
              "matchCriteriaId": "320B5684-5006-4BA8-87ED-25C40E90F2DA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opera:opera_browser:10.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "4FE9E7F2-68B1-448D-86B6-52B345DD3C01",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opera:opera_browser:10.10:beta1:*:*:*:*:*:*",
              "matchCriteriaId": "5D3C98DA-3261-4BEB-8403-BE2E54A7056C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opera:opera_browser:10.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "C4C04948-023C-4569-9EFA-3BD4B254BBC7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opera:opera_browser:10.20:alpha:*:*:*:*:*:*",
              "matchCriteriaId": "7AFB451E-465F-4EC6-B13B-520B49F3BE8E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opera:opera_browser:10.50:*:*:*:*:*:*:*",
              "matchCriteriaId": "137E9883-BF1D-4B54-A904-AFDE179452A3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opera:opera_browser:10.50:beta1:*:*:*:*:*:*",
              "matchCriteriaId": "872AEFA4-F7B2-49CF-8279-8BE602D70B95",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opera:opera_browser:10.50:beta2:*:*:*:*:*:*",
              "matchCriteriaId": "35400232-18B1-4641-8C98-6E8EB3A9C7E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opera:opera_browser:10.51:*:*:*:*:*:*:*",
              "matchCriteriaId": "90EFC130-7E02-47AE-AC4E-569B59241FF5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opera:opera_browser:10.52:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D2745A8-9F99-48AF-A3C9-9659FA542B86",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opera:opera_browser:10.52:beta1:*:*:*:*:*:*",
              "matchCriteriaId": "EDDA25B9-3CE3-44F8-8B94-05E1840DBCE4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opera:opera_browser:10.52:beta2:*:*:*:*:*:*",
              "matchCriteriaId": "EFB733B4-2DDD-4180-9E53-D399D499691D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opera:opera_browser:10.53:*:*:*:*:*:*:*",
              "matchCriteriaId": "57C77E63-E7CF-4EFF-9177-715C1815A0F3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opera:opera_browser:10.53:b:*:*:*:*:*:*",
              "matchCriteriaId": "4D74A8DF-DCD2-41AB-BDC1-A314B3B55DAD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opera:opera_browser:10.53:beta1:*:*:*:*:*:*",
              "matchCriteriaId": "2180C5E4-0756-4034-A724-4BE220F28C09",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opera:opera_browser:10.54:*:*:*:*:*:*:*",
              "matchCriteriaId": "EECA4D0B-0313-4B34-9A69-EE91ECC37270",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opera:opera_browser:10.60:*:*:*:*:*:*:*",
              "matchCriteriaId": "46482B92-C1CF-4B50-B419-568262B6F38B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opera:opera_browser:10.60:alpha:*:*:*:*:*:*",
              "matchCriteriaId": "E1D20372-9A36-4673-A8DA-413DAE04DCF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opera:opera_browser:10.60:beta1:*:*:*:*:*:*",
              "matchCriteriaId": "F4619C12-AA06-4465-B595-47FC844B28A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opera:opera_browser:10.61:*:*:*:*:*:*:*",
              "matchCriteriaId": "C2046AA8-079B-49F9-A2F6-FCF58B509A70",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opera:opera_browser:10.62:*:*:*:*:*:*:*",
              "matchCriteriaId": "9D44F551-F0DF-4261-A13C-B81A4BD64D1A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opera:opera_browser:10.63:*:*:*:*:*:*:*",
              "matchCriteriaId": "542D7F0A-01AF-4377-A96A-348651F56B98",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opera:opera_browser:11.00:*:*:*:*:*:*:*",
              "matchCriteriaId": "72EEEE50-F5DD-413F-8937-7B1AFB151DF4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opera:opera_browser:11.00:beta:*:*:*:*:*:*",
              "matchCriteriaId": "52A509DF-759B-466A-9D6E-4E4D559B0F8E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opera:opera_browser:11.01:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB95842D-6899-4ECD-B7F9-5CC62BE9D4AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opera:opera_browser:11.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "5ACBA660-9AF0-40E2-8E9B-67E00D495023",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opera:opera_browser:11.10:beta:*:*:*:*:*:*",
              "matchCriteriaId": "52A36E55-80F8-40CD-A7DD-7FC291DCC3BC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opera:opera_browser:11.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "D98C5934-589D-4C86-9DD5-C72D3EA1F60E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opera:opera_browser:11.50:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A2BE3AD-767D-4ED1-A361-037957EBBA0C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opera:opera_browser:11.50:beta:*:*:*:*:*:*",
              "matchCriteriaId": "A1A640B6-6EEE-4968-AF1E-0B2D1160B2B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opera:opera_browser:11.51:*:*:*:*:*:*:*",
              "matchCriteriaId": "D0285C49-B30B-4C30-9E58-7A541B5E036C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opera:opera_browser:11.52:*:*:*:*:*:*:*",
              "matchCriteriaId": "86DC6DAB-7263-4EA4-B4DC-17A47F61A254",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opera:opera_browser:11.52.1100:*:*:*:*:*:*:*",
              "matchCriteriaId": "B820AB27-91C3-44D8-B9B6-10DB9905067A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opera:opera_browser:11.60:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6692220-BFFE-49F0-BDDE-171E40B90C1B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opera:opera_browser:11.60:beta:*:*:*:*:*:*",
              "matchCriteriaId": "65619BBE-F7F0-48FB-877B-5D0431766098",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opera:opera_browser:11.61:*:*:*:*:*:*:*",
              "matchCriteriaId": "933AAA5D-7558-46EA-A5F5-639E504F60C0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opera:opera_browser:11.62:*:*:*:*:*:*:*",
              "matchCriteriaId": "4509B34E-A6BB-4853-BB27-B23B2F3E2718",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opera:opera_browser:11.64:*:*:*:*:*:*:*",
              "matchCriteriaId": "F5B81C0D-ECE7-425D-9149-133D9F698753",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opera:opera_browser:11.65:*:*:*:*:*:*:*",
              "matchCriteriaId": "204FBAA0-35AE-4CDE-8592-15233FB2CB5C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opera:opera_browser:11.66:*:*:*:*:*:*:*",
              "matchCriteriaId": "06B8555C-80CF-49A9-A7BF-3ADF0DEA03F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opera:opera_browser:11.67:*:*:*:*:*:*:*",
              "matchCriteriaId": "BE60CC7F-B76D-4A34-95F1-B8E22274FDB7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opera:opera_browser:12.00:*:*:*:*:*:*:*",
              "matchCriteriaId": "4ECE9D17-A9DC-44FA-A54D-C7CBE413767D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opera:opera_browser:12.00:beta:*:*:*:*:*:*",
              "matchCriteriaId": "1591C7A0-AFE1-4742-951F-333073E630D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opera:opera_browser:12.01:*:*:*:*:*:*:*",
              "matchCriteriaId": "457CB163-1463-4A0E-AD31-3EE09A7CFC30",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opera:opera_browser:12.02:*:*:*:*:*:*:*",
              "matchCriteriaId": "7CB8E7C6-19EE-418D-95BB-6512CC0B82A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opera:opera_browser:12.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "571E5723-6DFA-4BBB-AD58-B55B3B8BA575",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opera:opera_browser:12.10:beta:*:*:*:*:*:*",
              "matchCriteriaId": "444151A1-7A14-490E-A78E-7F85094AF346",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opera:opera_browser:12.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "38D21EA7-E9D5-464C-B65F-93B7D903D668",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opera:opera_browser:12.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "D86AF338-DB64-4834-A589-D48C3124073A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opera:opera_browser:12.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "5002E547-3226-4413-AF4C-9D95CEC0E3E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opera:opera_browser:12.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "F0DBD34B-0B21-4032-AE91-1073488EC67D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opera:opera_browser:12.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "70A7ADDB-2AD1-4458-9735-30C92685A49F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opera:opera_browser:15.00:*:*:*:*:*:*:*",
              "matchCriteriaId": "6F8807B7-E053-4ADF-9D9B-495F82194007",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opera:opera_browser:15.00:next:*:*:*:*:*:*",
              "matchCriteriaId": "1401EDEB-7974-4481-A6B2-9C2EA25AE860",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:opera:opera_browser:16.00:*:*:*:*:*:*:*",
              "matchCriteriaId": "DF0BF671-B5F2-464C-A91F-32B44F25FD7A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "8255F035-04C8-4158-B301-82101711939C",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The intent: URL implementation in Opera before 18 on Android allows attackers to read local files by leveraging an interaction error, as demonstrated by reading stored cookies."
    },
    {
      "lang": "es",
      "value": "El \"intent\" de la implementaci\u00f3n URL en Opera anterior a 18 en Android permite a atacantes leer archivos locales mediante el aprovechamiento de un error de interacci\u00f3n, tal como se ha demostrado mediante la lectura de cookies almacenadas."
    }
  ],
  "id": "CVE-2014-0815",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ]
  },
  "published": "2014-02-06T22:55:03.403",
  "references": [
    {
      "source": "vultures@jpcert.or.jp",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://blogs.opera.com/security/2014/01/security-changes-features-opera-19/"
    },
    {
      "source": "vultures@jpcert.or.jp",
      "url": "http://jvn.jp/en/jp/JVN23256725/index.html"
    },
    {
      "source": "vultures@jpcert.or.jp",
      "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000014"
    },
    {
      "source": "vultures@jpcert.or.jp",
      "url": "http://www.securityfocus.com/bid/65391"
    },
    {
      "source": "vultures@jpcert.or.jp",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91090"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://blogs.opera.com/security/2014/01/security-changes-features-opera-19/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://jvn.jp/en/jp/JVN23256725/index.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000014"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/65391"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91090"
    }
  ],
  "sourceIdentifier": "vultures@jpcert.or.jp",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-200"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.