CVE-2010-4582

MEDIUM

Description

Opera before 11.00 does not properly handle security policies during updates to extensions, which might allow remote attackers to bypass intended access restrictions via unspecified vectors.

References

http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00006.html

http://secunia.com/advisories/42653

http://www.opera.com/docs/changelogs/mac/1100/

http://www.opera.com/docs/changelogs/unix/1100/

http://www.opera.com/docs/changelogs/windows/1100/

Details

Source: MITRE

Published: 2010-12-22

Updated: 2011-01-22

Type: CWE-264

Risk Information

CVSS v2.0

Base Score: 5

Vector: (AV:N/AC:L/Au:N/C:N/I:P/A:N)

Impact Score: 2.9

Exploitability Score: 10

Severity: MEDIUM