CVE-2004-2570 Information

Description

Opera before 7.54 allows remote attackers to modify properties and methods of the location object and execute Javascript to read arbitrary files from the client’s local filesystem or display a false URL to the user.

Reference

http://archives.neohapsis.com/archives/fulldisclosure/2004-08/0131.html http://osvdb.org/8331 http://secunia.com/advisories/12233 http://www.gentoo.org/security/en/glsa/glsa-200408-05.xml http://www.greymagic.com/security/advisories/gm008-op/ http://www.opera.com/docs/changelogs/windows/754/ http://www.securityfocus.com/bid/10873 https://exchange.xforce.ibmcloud.com/vulnerabilities/16904