Opera before 8.50 allows remote attackers to spoof the content type of files via a filename with a trailing "." (dot), which might allow remote attackers to trick users into processing dangerous content.
References
Link | Resource |
---|---|
http://marc.info/?l=bugtraq&m=112724692219695&w=2 | Mailing List Third Party Advisory |
http://secunia.com/advisories/16645 | Broken Link Patch |
http://secunia.com/secunia_research/2005-42/advisory/ | Broken Link Patch |
http://www.opera.com/docs/changelogs/linux/850/ | Broken Link |
http://www.opera.com/docs/changelogs/windows/850/ | Broken Link |
http://www.osvdb.org/19509 | Broken Link |
http://www.securityfocus.com/advisories/9339 | Broken Link Third Party Advisory VDB Entry |
http://www.securityfocus.com/bid/14880 | Broken Link Third Party Advisory VDB Entry |
http://www.vupen.com/english/advisories/2005/1789 | Broken Link |
https://exchange.xforce.ibmcloud.com/vulnerabilities/22337 | Third Party Advisory VDB Entry |
Configurations
History
No history.
Information
Published : 2005-09-21 20:03
Updated : 2024-02-28 10:42
NVD link : CVE-2005-3007
Mitre link : CVE-2005-3007
CVE.ORG link : CVE-2005-3007
JSON object : View
Products Affected
opera
- opera_browser
CWE
CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')