cvelist/2008/4xxx/CVE-2008-4696.json

{
   "CVE_data_meta" : {
      "ASSIGNER" : "cve@mitre.org",
      "ID" : "CVE-2008-4696",
      "STATE" : "PUBLIC"
   },
   "affects" : {
      "vendor" : {
         "vendor_data" : [
            {
               "product" : {
                  "product_data" : [
                     {
                        "product_name" : "n/a",
                        "version" : {
                           "version_data" : [
                              {
                                 "version_value" : "n/a"
                              }
                           ]
                        }
                     }
                  ]
               },
               "vendor_name" : "n/a"
            }
         ]
      }
   },
   "data_format" : "MITRE",
   "data_type" : "CVE",
   "data_version" : "4.0",
   "description" : {
      "description_data" : [
         {
            "lang" : "eng",
            "value" : "Cross-site scripting (XSS) vulnerability in Opera.dll in Opera before 9.61 allows remote attackers to inject arbitrary web script or HTML via the anchor identifier (aka the \"optional fragment\"), which is not properly escaped before storage in the History Search database (aka md.dat)."
         }
      ]
   },
   "problemtype" : {
      "problemtype_data" : [
         {
            "description" : [
               {
                  "lang" : "eng",
                  "value" : "n/a"
               }
            ]
         }
      ]
   },
   "references" : {
      "reference_data" : [
         {
            "name" : "20081022 Opera Stored Cross Site Scripting Vulnerability",
            "refsource" : "BUGTRAQ",
            "url" : "http://www.securityfocus.com/archive/1/497646/100/0/threaded"
         },
         {
            "name" : "6801",
            "refsource" : "EXPLOIT-DB",
            "url" : "https://www.exploit-db.com/exploits/6801"
         },
         {
            "name" : "[oss-security] 20081021 Re: CVE Request: Opera 9.60 with security fixes",
            "refsource" : "MLIST",
            "url" : "http://www.openwall.com/lists/oss-security/2008/10/21/6"
         },
         {
            "name" : "[oss-security] 20081022 Re: CVE Request: Opera 9.60 with security fixes",
            "refsource" : "MLIST",
            "url" : "http://www.openwall.com/lists/oss-security/2008/10/22/5"
         },
         {
            "name" : "http://www.security-assessment.com/files/advisories/2008-10-22_Opera_Stored_Cross_Site_Scripting.pdf",
            "refsource" : "MISC",
            "url" : "http://www.security-assessment.com/files/advisories/2008-10-22_Opera_Stored_Cross_Site_Scripting.pdf"
         },
         {
            "name" : "http://www.opera.com/docs/changelogs/freebsd/961/",
            "refsource" : "CONFIRM",
            "url" : "http://www.opera.com/docs/changelogs/freebsd/961/"
         },
         {
            "name" : "http://www.opera.com/docs/changelogs/linux/961/",
            "refsource" : "CONFIRM",
            "url" : "http://www.opera.com/docs/changelogs/linux/961/"
         },
         {
            "name" : "http://www.opera.com/docs/changelogs/mac/961/",
            "refsource" : "CONFIRM",
            "url" : "http://www.opera.com/docs/changelogs/mac/961/"
         },
         {
            "name" : "http://www.opera.com/docs/changelogs/solaris/961/",
            "refsource" : "CONFIRM",
            "url" : "http://www.opera.com/docs/changelogs/solaris/961/"
         },
         {
            "name" : "http://www.opera.com/docs/changelogs/windows/961/",
            "refsource" : "CONFIRM",
            "url" : "http://www.opera.com/docs/changelogs/windows/961/"
         },
         {
            "name" : "http://www.opera.com/support/search/view/903/",
            "refsource" : "CONFIRM",
            "url" : "http://www.opera.com/support/search/view/903/"
         },
         {
            "name" : "GLSA-200811-01",
            "refsource" : "GENTOO",
            "url" : "http://security.gentoo.org/glsa/glsa-200811-01.xml"
         },
         {
            "name" : "SUSE-SR:2008:022",
            "refsource" : "SUSE",
            "url" : "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00009.html"
         },
         {
            "name" : "31869",
            "refsource" : "BID",
            "url" : "http://www.securityfocus.com/bid/31869"
         },
         {
            "name" : "32538",
            "refsource" : "SECUNIA",
            "url" : "http://secunia.com/advisories/32538"
         },
         {
            "name" : "ADV-2008-2873",
            "refsource" : "VUPEN",
            "url" : "http://www.vupen.com/english/advisories/2008/2873"
         },
         {
            "name" : "32299",
            "refsource" : "SECUNIA",
            "url" : "http://secunia.com/advisories/32299"
         },
         {
            "name" : "32394",
            "refsource" : "SECUNIA",
            "url" : "http://secunia.com/advisories/32394"
         },
         {
            "name" : "4504",
            "refsource" : "SREASON",
            "url" : "http://securityreason.com/securityalert/4504"
         },
         {
            "name" : "opera-historysearch-xss(46003)",
            "refsource" : "XF",
            "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/46003"
         }
      ]
   }
}
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`{`
			`"CVE_data_meta" : {`
			`"ASSIGNER" : "cve@mitre.org",`
			`"ID" : "CVE-2008-4696",`
			`"STATE" : "PUBLIC"`
			`},`
			`"affects" : {`
			`"vendor" : {`
			`"vendor_data" : [`
			`{`
			`"product" : {`
			`"product_data" : [`
			`{`
			`"product_name" : "n/a",`
			`"version" : {`
			`"version_data" : [`
			`{`
			`"version_value" : "n/a"`
			`}`
			`]`
			`}`
			`}`
			`]`
			`},`
			`"vendor_name" : "n/a"`
			`}`
			`]`
			`}`
			`},`
			`"data_format" : "MITRE",`
			`"data_type" : "CVE",`
			`"data_version" : "4.0",`
			`"description" : {`
			`"description_data" : [`
			`{`
			`"lang" : "eng",`
			`"value" : "Cross-site scripting (XSS) vulnerability in Opera.dll in Opera before 9.61 allows remote attackers to inject arbitrary web script or HTML via the anchor identifier (aka the \"optional fragment\"), which is not properly escaped before storage in the History Search database (aka md.dat)."`
			`}`
			`]`
			`},`
			`"problemtype" : {`
			`"problemtype_data" : [`
			`{`
			`"description" : [`
			`{`
			`"lang" : "eng",`
			`"value" : "n/a"`
			`}`
			`]`
			`}`
			`]`
			`},`
			`"references" : {`
			`"reference_data" : [`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "20081022 Opera Stored Cross Site Scripting Vulnerability",`
			`"refsource" : "BUGTRAQ",`
- Synchronized data. 2018-10-11 16:05:44 -04:00			`"url" : "http://www.securityfocus.com/archive/1/497646/100/0/threaded"`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "6801",`
			`"refsource" : "EXPLOIT-DB",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "https://www.exploit-db.com/exploits/6801"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "[oss-security] 20081021 Re: CVE Request: Opera 9.60 with security fixes",`
			`"refsource" : "MLIST",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://www.openwall.com/lists/oss-security/2008/10/21/6"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "[oss-security] 20081022 Re: CVE Request: Opera 9.60 with security fixes",`
			`"refsource" : "MLIST",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://www.openwall.com/lists/oss-security/2008/10/22/5"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "http://www.security-assessment.com/files/advisories/2008-10-22_Opera_Stored_Cross_Site_Scripting.pdf",`
			`"refsource" : "MISC",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://www.security-assessment.com/files/advisories/2008-10-22_Opera_Stored_Cross_Site_Scripting.pdf"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "http://www.opera.com/docs/changelogs/freebsd/961/",`
			`"refsource" : "CONFIRM",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://www.opera.com/docs/changelogs/freebsd/961/"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "http://www.opera.com/docs/changelogs/linux/961/",`
			`"refsource" : "CONFIRM",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://www.opera.com/docs/changelogs/linux/961/"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "http://www.opera.com/docs/changelogs/mac/961/",`
			`"refsource" : "CONFIRM",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://www.opera.com/docs/changelogs/mac/961/"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "http://www.opera.com/docs/changelogs/solaris/961/",`
			`"refsource" : "CONFIRM",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://www.opera.com/docs/changelogs/solaris/961/"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "http://www.opera.com/docs/changelogs/windows/961/",`
			`"refsource" : "CONFIRM",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://www.opera.com/docs/changelogs/windows/961/"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "http://www.opera.com/support/search/view/903/",`
			`"refsource" : "CONFIRM",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://www.opera.com/support/search/view/903/"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "GLSA-200811-01",`
			`"refsource" : "GENTOO",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://security.gentoo.org/glsa/glsa-200811-01.xml"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "SUSE-SR:2008:022",`
			`"refsource" : "SUSE",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00009.html"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "31869",`
			`"refsource" : "BID",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://www.securityfocus.com/bid/31869"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "32538",`
			`"refsource" : "SECUNIA",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://secunia.com/advisories/32538"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "ADV-2008-2873",`
			`"refsource" : "VUPEN",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://www.vupen.com/english/advisories/2008/2873"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "32299",`
			`"refsource" : "SECUNIA",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://secunia.com/advisories/32299"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "32394",`
			`"refsource" : "SECUNIA",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://secunia.com/advisories/32394"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "4504",`
			`"refsource" : "SREASON",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "http://securityreason.com/securityalert/4504"`
			`},`
			`{`
- Added 'refsource' and 'name' attributes for reference urls and aligned treatment of whitespace in descriptions with data downloads. 2018-04-05 09:33:01 -04:00			`"name" : "opera-historysearch-xss(46003)",`
			`"refsource" : "XF",`
- Populated repo from CVE List. 2017-10-16 12:31:07 -04:00			`"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/46003"`
			`}`
			`]`
			`}`
			`}`