VYPR
← All advisories
Unrated severityNVD Advisory· Published Sep 27, 2008· Updated Apr 23, 2026

CVE-2008-4199

CVE-2008-4199

Description

Opera before 9.52 does not prevent use of links from web pages to feed source files on the local disk, which might allow remote attackers to determine the validity of local filenames via vectors involving "detection of JavaScript events and appropriate manipulation."

Affected products

85
  • Opera/Opera Browser85 versions
    cpe:2.3:a:opera:opera_browser:*:*:*:*:*:*:*:*+ 84 more
    • cpe:2.3:a:opera:opera_browser:*:*:*:*:*:*:*:*range: <=9.51
    • cpe:2.3:a:opera:opera_browser:5.0:*:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:5.0:beta2:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:5.0:beta3:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:5.0:beta4:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:5.0:beta5:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:5.0:beta6:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:5.0:beta7:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:5.0:beta8:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:5.02:*:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:5.10:*:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:5.11:*:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:5.12:*:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:6.0:*:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:6.0:beta1:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:6.0:beta2:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:6.0:beta3:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:6.0:tp1:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:6.0:tp2:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:6.0:tp3:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:6.1:*:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:6.01:*:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:6.1:beta1:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:6.02:*:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:6.03:*:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:6.04:*:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:6.05:*:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:6.06:*:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:6.11:*:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:6.12:*:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:7.0:*:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:7.0:beta1:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:7.0:beta1_v2:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:7.0:beta2:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:7.01:*:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:7.02:*:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:7.03:*:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:7.10:*:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:7.10:beta1:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:7.11:*:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:7.11:beta2:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:7.20:*:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:7.20:beta7:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:7.21:*:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:7.22:*:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:7.23:*:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:7.50:*:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:7.50:beta1:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:7.51:*:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:7.52:*:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:7.53:*:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:7.54:*:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:7.54:update1:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:7.54:update2:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:7.60:*:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:8.0:*:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:8.0:beta1:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:8.0:beta2:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:8.0:beta3:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:8.01:*:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:8.02:*:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:8.50:*:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:8.51:*:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:8.52:*:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:8.53:*:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:8.54:*:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:9.0:*:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:9.0:beta1:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:9.0:beta2:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:9.01:*:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:9.02:*:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:9.10:*:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:9.12:*:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:9.20:*:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:9.20:beta1:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:9.21:*:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:9.22:*:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:9.23:*:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:9.24:*:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:9.25:*:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:9.26:*:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:9.27:*:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:9.50:*:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:9.50:beta1:*:*:*:*:*:*
    • cpe:2.3:a:opera:opera_browser:9.50:beta2:*:*:*:*:*:*

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

16

News mentions

0

No linked articles in our index yet.