CVE-2004-2570

N/A Unknown

Published: December 31, 2004 Modified: April 16, 2026

Description

Opera before 7.54 allows remote attackers to modify properties and methods of the location object and execute Javascript to read arbitrary files from the client's local filesystem or display a false URL to the user.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://archives.neohapsis.com/archives/fulldisclosure/2004-08/0131.html

Source: cve@mitre.org

Broken Link

http://osvdb.org/8331

Source: cve@mitre.org

Broken Link

http://secunia.com/advisories/12233

Source: cve@mitre.org

Broken Link Patch Vendor Advisory

http://www.gentoo.org/security/en/glsa/glsa-200408-05.xml

Source: cve@mitre.org

Patch Third Party Advisory

http://www.greymagic.com/security/advisories/gm008-op/

Source: cve@mitre.org

Broken Link Exploit Vendor Advisory

http://www.opera.com/docs/changelogs/windows/754/

Source: cve@mitre.org

Broken Link Patch

http://www.securityfocus.com/bid/10873

Source: cve@mitre.org

Broken Link Patch Third Party Advisory VDB Entry

https://exchange.xforce.ibmcloud.com/vulnerabilities/16904

Source: cve@mitre.org

Third Party Advisory VDB Entry

http://archives.neohapsis.com/archives/fulldisclosure/2004-08/0131.html