Strix
26.1K

CVE-2008-4695

UnknownEPSS 5.98%

Last modified

CVE-2008-4695 is a vulnerability of currently unknown severity. Opera before 9.60 allows remote attackers to obtain sensitive information and have unspecified other impact by predicting the cache pathname of a cached Java applet and then launching this applet from the cache, leading to applet execution within the local-machine context.. EPSS estimates a 5.98% chance of exploitation in the next 30 days.

Description

Opera before 9.60 allows remote attackers to obtain sensitive information and have unspecified other impact by predicting the cache pathname of a cached Java applet and then launching this applet from the cache, leading to applet execution within the local-machine context.

Metrics

EPSS Probability
5.98%

92.4th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

Affected Software

VendorProductVersionsUpdate
OperaOpera<= 9.60Beta 1
OperaOpera5.0
OperaOpera5.02
OperaOpera5.10
OperaOpera5.11
OperaOpera5.12
OperaOpera6.0
OperaOpera6.1
OperaOpera6.01
OperaOpera6.02
OperaOpera6.03
OperaOpera6.04
OperaOpera6.05
OperaOpera6.06
OperaOpera6.11
OperaOpera6.12
OperaOpera7.0
OperaOpera7.01
OperaOpera7.02
OperaOpera7.03
OperaOpera7.10
OperaOpera7.11
OperaOpera7.20
OperaOpera7.21
OperaOpera7.22
OperaOpera7.23
OperaOpera7.50
OperaOpera7.51
OperaOpera7.52
OperaOpera7.53
OperaOpera7.54
OperaOpera8.0
OperaOpera8.01
OperaOpera8.02
OperaOpera8.50
OperaOpera8.51
OperaOpera8.52
OperaOpera8.53
OperaOpera8.54
OperaOpera9.0
OperaOpera9.01
OperaOpera9.02
OperaOpera9.10
OperaOpera9.20
OperaOpera9.21
OperaOpera9.22
OperaOpera9.23
OperaOpera9.24
OperaOpera9.25
OperaOpera9.26

Showing 50 of 54 affected configurations. See NVD for the full list.

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2008-4695?
Opera before 9.60 allows remote attackers to obtain sensitive information and have unspecified other impact by predicting the cache pathname of a cached Java applet and then launching this applet from the cache, leading to applet execution within the local-machine context.
How severe is CVE-2008-4695?
Severity scoring for CVE-2008-4695 is pending analysis. The EPSS model estimates a 5.98% probability of exploitation in the next 30 days.
How do I fix CVE-2008-4695?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2008-4695?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST