Opera before 8.50 allows remote attackers to spoof the content type of files via a filename with a trailing "." (dot), which might allow remote attackers to trick users into processing dangerous content.
References
Configurations
History
21 Nov 2024, 00:00
Type | Values Removed | Values Added |
---|---|---|
References | () http://marc.info/?l=bugtraq&m=112724692219695&w=2 - Mailing List, Third Party Advisory | |
References | () http://secunia.com/advisories/16645 - Broken Link, Patch | |
References | () http://secunia.com/secunia_research/2005-42/advisory/ - Broken Link, Patch | |
References | () http://www.opera.com/docs/changelogs/linux/850/ - Broken Link | |
References | () http://www.opera.com/docs/changelogs/windows/850/ - Broken Link | |
References | () http://www.osvdb.org/19509 - Broken Link | |
References | () http://www.securityfocus.com/advisories/9339 - Broken Link, Third Party Advisory, VDB Entry | |
References | () http://www.securityfocus.com/bid/14880 - Broken Link, Third Party Advisory, VDB Entry | |
References | () http://www.vupen.com/english/advisories/2005/1789 - Broken Link | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/22337 - Third Party Advisory, VDB Entry |
Information
Published : 2005-09-21 20:03
Updated : 2024-11-21 00:00
NVD link : CVE-2005-3007
Mitre link : CVE-2005-3007
CVE.ORG link : CVE-2005-3007
JSON object : View
Products Affected
opera
- opera_browser
CWE
CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')