Back to search
CVE-2004-0473
Published: May 20, 2004
Modified: Aug 8, 2024
PUBLISHED
Description
Argument injection vulnerability in Opera before 7.50 does not properly filter "-" characters that begin a hostname in a telnet URI, which allows remote attackers to insert options to the resulting command line and overwrite arbitrary files via (1) the "-f" option on Windows XP or (2) the "-n" option on Linux.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
http://www.opera.com/linux/changelogs/750/index.dml
x_refsource_CONFIRM
opera-telnet-file-overwrite(16139)
vdb-entry
x_refsource_XF
20040512 Opera Telnet URI Handler File Creation/Truncation Vulnerability
third-party-advisory
x_refsource_IDEFENSE
1010142
vdb-entry
x_refsource_SECTRACK
GLSA-200405-19
vendor-advisory
x_refsource_GENTOO
10341
vdb-entry
x_refsource_BID
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now