CVE-2004-2659

Opera offers an Open button to verify that a user wishes to execute a downloaded file, which allows user-assisted remote attackers to construct a race condition that tricks a user into clicking Open via a request for a different mouse or keyboard action very shortly before the Open dialog appears. NOTE: this is a different issue than CVE-2005-2407.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:mozilla:mozilla:-:*:*:*:*:*:*:*
cpe:2.3:a:opera:opera_browser:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2004-12-31 05:00

Updated : 2024-02-28 10:42


NVD link : CVE-2004-2659

Mitre link : CVE-2004-2659

CVE.ORG link : CVE-2004-2659


JSON object : View

Products Affected

opera

  • opera_browser

mozilla

  • mozilla
CWE
CWE-362

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')