CVE-2011-0685

Sažetak

The Delete Private Data feature in Opera before 11.01 does not properly implement the "Clear all email account passwords" option, which might allow physically proximate attackers to access an e-mail account via an unattended workstation.

Reference

http://osvdb.org/70731
http://secunia.com/advisories/43023
http://www.opera.com/docs/changelogs/mac/1101/
http://www.opera.com/docs/changelogs/unix/1101/
http://www.opera.com/docs/changelogs/windows/1101/
http://www.opera.com/support/kb/view/986/
http://www.securityfocus.com/bid/46036
http://www.vupen.com/english/advisories/2011/0231
https://exchange.xforce.ibmcloud.com/vulnerabilities/65018
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12507

CVSS

Base:	2.1
Impact:	2.9
Exploitability:	3.9

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	PARTIAL	NONE

CVSS vektor

AV:L/AC:L/Au:N/C:N/I:P/A:N

Zadnje važnije ažuriranje

19-09-2017 - 01:32

Objavljeno

31-01-2011 - 21:00