FKIE_CVE-2014-0815
Vulnerability from fkie_nvd - Published: 2014-02-06 22:55 - Updated: 2025-04-11 00:51
Severity ?
Summary
The intent: URL implementation in Opera before 18 on Android allows attackers to read local files by leveraging an interaction error, as demonstrated by reading stored cookies.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:opera:opera_browser:*:*:*:*:*:*:*:*",
"matchCriteriaId": "A0F51DA0-C1CB-4619-84FC-60EDBF6F95A1",
"versionEndIncluding": "17.00",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opera:opera_browser:1.00:*:*:*:*:*:*:*",
"matchCriteriaId": "0F892EEF-54EC-4EC0-84B3-BD5C216AED80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opera:opera_browser:10.00:*:*:*:*:*:*:*",
"matchCriteriaId": "2D03F8C2-1193-45ED-B38E-C76C41A0FD9A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opera:opera_browser:10.00:alpha:*:*:*:*:*:*",
"matchCriteriaId": "85DB12A2-D43F-47BE-9719-466BE967E30E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opera:opera_browser:10.00:beta1:*:*:*:*:*:*",
"matchCriteriaId": "F12E0FE8-3982-453B-9C01-ABB2DE96866F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opera:opera_browser:10.00:beta2:*:*:*:*:*:*",
"matchCriteriaId": "DA76A537-6A1B-41D8-A923-24DC77F92E0E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opera:opera_browser:10.00:beta3:*:*:*:*:*:*",
"matchCriteriaId": "2FA36E65-596D-4E84-A15C-1DF5FA3AAC76",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opera:opera_browser:10.01:*:*:*:*:*:*:*",
"matchCriteriaId": "320B5684-5006-4BA8-87ED-25C40E90F2DA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opera:opera_browser:10.10:*:*:*:*:*:*:*",
"matchCriteriaId": "4FE9E7F2-68B1-448D-86B6-52B345DD3C01",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opera:opera_browser:10.10:beta1:*:*:*:*:*:*",
"matchCriteriaId": "5D3C98DA-3261-4BEB-8403-BE2E54A7056C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opera:opera_browser:10.11:*:*:*:*:*:*:*",
"matchCriteriaId": "C4C04948-023C-4569-9EFA-3BD4B254BBC7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opera:opera_browser:10.20:alpha:*:*:*:*:*:*",
"matchCriteriaId": "7AFB451E-465F-4EC6-B13B-520B49F3BE8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opera:opera_browser:10.50:*:*:*:*:*:*:*",
"matchCriteriaId": "137E9883-BF1D-4B54-A904-AFDE179452A3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opera:opera_browser:10.50:beta1:*:*:*:*:*:*",
"matchCriteriaId": "872AEFA4-F7B2-49CF-8279-8BE602D70B95",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opera:opera_browser:10.50:beta2:*:*:*:*:*:*",
"matchCriteriaId": "35400232-18B1-4641-8C98-6E8EB3A9C7E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opera:opera_browser:10.51:*:*:*:*:*:*:*",
"matchCriteriaId": "90EFC130-7E02-47AE-AC4E-569B59241FF5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opera:opera_browser:10.52:*:*:*:*:*:*:*",
"matchCriteriaId": "3D2745A8-9F99-48AF-A3C9-9659FA542B86",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opera:opera_browser:10.52:beta1:*:*:*:*:*:*",
"matchCriteriaId": "EDDA25B9-3CE3-44F8-8B94-05E1840DBCE4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opera:opera_browser:10.52:beta2:*:*:*:*:*:*",
"matchCriteriaId": "EFB733B4-2DDD-4180-9E53-D399D499691D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opera:opera_browser:10.53:*:*:*:*:*:*:*",
"matchCriteriaId": "57C77E63-E7CF-4EFF-9177-715C1815A0F3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opera:opera_browser:10.53:b:*:*:*:*:*:*",
"matchCriteriaId": "4D74A8DF-DCD2-41AB-BDC1-A314B3B55DAD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opera:opera_browser:10.53:beta1:*:*:*:*:*:*",
"matchCriteriaId": "2180C5E4-0756-4034-A724-4BE220F28C09",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opera:opera_browser:10.54:*:*:*:*:*:*:*",
"matchCriteriaId": "EECA4D0B-0313-4B34-9A69-EE91ECC37270",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opera:opera_browser:10.60:*:*:*:*:*:*:*",
"matchCriteriaId": "46482B92-C1CF-4B50-B419-568262B6F38B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opera:opera_browser:10.60:alpha:*:*:*:*:*:*",
"matchCriteriaId": "E1D20372-9A36-4673-A8DA-413DAE04DCF9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opera:opera_browser:10.60:beta1:*:*:*:*:*:*",
"matchCriteriaId": "F4619C12-AA06-4465-B595-47FC844B28A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opera:opera_browser:10.61:*:*:*:*:*:*:*",
"matchCriteriaId": "C2046AA8-079B-49F9-A2F6-FCF58B509A70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opera:opera_browser:10.62:*:*:*:*:*:*:*",
"matchCriteriaId": "9D44F551-F0DF-4261-A13C-B81A4BD64D1A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opera:opera_browser:10.63:*:*:*:*:*:*:*",
"matchCriteriaId": "542D7F0A-01AF-4377-A96A-348651F56B98",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opera:opera_browser:11.00:*:*:*:*:*:*:*",
"matchCriteriaId": "72EEEE50-F5DD-413F-8937-7B1AFB151DF4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opera:opera_browser:11.00:beta:*:*:*:*:*:*",
"matchCriteriaId": "52A509DF-759B-466A-9D6E-4E4D559B0F8E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opera:opera_browser:11.01:*:*:*:*:*:*:*",
"matchCriteriaId": "CB95842D-6899-4ECD-B7F9-5CC62BE9D4AC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opera:opera_browser:11.10:*:*:*:*:*:*:*",
"matchCriteriaId": "5ACBA660-9AF0-40E2-8E9B-67E00D495023",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opera:opera_browser:11.10:beta:*:*:*:*:*:*",
"matchCriteriaId": "52A36E55-80F8-40CD-A7DD-7FC291DCC3BC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opera:opera_browser:11.11:*:*:*:*:*:*:*",
"matchCriteriaId": "D98C5934-589D-4C86-9DD5-C72D3EA1F60E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opera:opera_browser:11.50:*:*:*:*:*:*:*",
"matchCriteriaId": "2A2BE3AD-767D-4ED1-A361-037957EBBA0C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opera:opera_browser:11.50:beta:*:*:*:*:*:*",
"matchCriteriaId": "A1A640B6-6EEE-4968-AF1E-0B2D1160B2B0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opera:opera_browser:11.51:*:*:*:*:*:*:*",
"matchCriteriaId": "D0285C49-B30B-4C30-9E58-7A541B5E036C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opera:opera_browser:11.52:*:*:*:*:*:*:*",
"matchCriteriaId": "86DC6DAB-7263-4EA4-B4DC-17A47F61A254",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opera:opera_browser:11.52.1100:*:*:*:*:*:*:*",
"matchCriteriaId": "B820AB27-91C3-44D8-B9B6-10DB9905067A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opera:opera_browser:11.60:*:*:*:*:*:*:*",
"matchCriteriaId": "B6692220-BFFE-49F0-BDDE-171E40B90C1B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opera:opera_browser:11.60:beta:*:*:*:*:*:*",
"matchCriteriaId": "65619BBE-F7F0-48FB-877B-5D0431766098",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opera:opera_browser:11.61:*:*:*:*:*:*:*",
"matchCriteriaId": "933AAA5D-7558-46EA-A5F5-639E504F60C0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opera:opera_browser:11.62:*:*:*:*:*:*:*",
"matchCriteriaId": "4509B34E-A6BB-4853-BB27-B23B2F3E2718",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opera:opera_browser:11.64:*:*:*:*:*:*:*",
"matchCriteriaId": "F5B81C0D-ECE7-425D-9149-133D9F698753",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opera:opera_browser:11.65:*:*:*:*:*:*:*",
"matchCriteriaId": "204FBAA0-35AE-4CDE-8592-15233FB2CB5C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opera:opera_browser:11.66:*:*:*:*:*:*:*",
"matchCriteriaId": "06B8555C-80CF-49A9-A7BF-3ADF0DEA03F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opera:opera_browser:11.67:*:*:*:*:*:*:*",
"matchCriteriaId": "BE60CC7F-B76D-4A34-95F1-B8E22274FDB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opera:opera_browser:12.00:*:*:*:*:*:*:*",
"matchCriteriaId": "4ECE9D17-A9DC-44FA-A54D-C7CBE413767D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opera:opera_browser:12.00:beta:*:*:*:*:*:*",
"matchCriteriaId": "1591C7A0-AFE1-4742-951F-333073E630D8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opera:opera_browser:12.01:*:*:*:*:*:*:*",
"matchCriteriaId": "457CB163-1463-4A0E-AD31-3EE09A7CFC30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opera:opera_browser:12.02:*:*:*:*:*:*:*",
"matchCriteriaId": "7CB8E7C6-19EE-418D-95BB-6512CC0B82A2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opera:opera_browser:12.10:*:*:*:*:*:*:*",
"matchCriteriaId": "571E5723-6DFA-4BBB-AD58-B55B3B8BA575",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opera:opera_browser:12.10:beta:*:*:*:*:*:*",
"matchCriteriaId": "444151A1-7A14-490E-A78E-7F85094AF346",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opera:opera_browser:12.11:*:*:*:*:*:*:*",
"matchCriteriaId": "38D21EA7-E9D5-464C-B65F-93B7D903D668",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opera:opera_browser:12.12:*:*:*:*:*:*:*",
"matchCriteriaId": "D86AF338-DB64-4834-A589-D48C3124073A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opera:opera_browser:12.13:*:*:*:*:*:*:*",
"matchCriteriaId": "5002E547-3226-4413-AF4C-9D95CEC0E3E8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opera:opera_browser:12.14:*:*:*:*:*:*:*",
"matchCriteriaId": "F0DBD34B-0B21-4032-AE91-1073488EC67D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opera:opera_browser:12.15:*:*:*:*:*:*:*",
"matchCriteriaId": "70A7ADDB-2AD1-4458-9735-30C92685A49F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opera:opera_browser:15.00:*:*:*:*:*:*:*",
"matchCriteriaId": "6F8807B7-E053-4ADF-9D9B-495F82194007",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opera:opera_browser:15.00:next:*:*:*:*:*:*",
"matchCriteriaId": "1401EDEB-7974-4481-A6B2-9C2EA25AE860",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:opera:opera_browser:16.00:*:*:*:*:*:*:*",
"matchCriteriaId": "DF0BF671-B5F2-464C-A91F-32B44F25FD7A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:google:android:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8255F035-04C8-4158-B301-82101711939C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The intent: URL implementation in Opera before 18 on Android allows attackers to read local files by leveraging an interaction error, as demonstrated by reading stored cookies."
},
{
"lang": "es",
"value": "El \"intent\" de la implementaci\u00f3n URL en Opera anterior a 18 en Android permite a atacantes leer archivos locales mediante el aprovechamiento de un error de interacci\u00f3n, tal como se ha demostrado mediante la lectura de cookies almacenadas."
}
],
"id": "CVE-2014-0815",
"lastModified": "2025-04-11T00:51:21.963",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2014-02-06T22:55:03.403",
"references": [
{
"source": "vultures@jpcert.or.jp",
"tags": [
"Vendor Advisory"
],
"url": "http://blogs.opera.com/security/2014/01/security-changes-features-opera-19/"
},
{
"source": "vultures@jpcert.or.jp",
"url": "http://jvn.jp/en/jp/JVN23256725/index.html"
},
{
"source": "vultures@jpcert.or.jp",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000014"
},
{
"source": "vultures@jpcert.or.jp",
"url": "http://www.securityfocus.com/bid/65391"
},
{
"source": "vultures@jpcert.or.jp",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91090"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://blogs.opera.com/security/2014/01/security-changes-features-opera-19/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvn.jp/en/jp/JVN23256725/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2014-000014"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/65391"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/91090"
}
],
"sourceIdentifier": "vultures@jpcert.or.jp",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…