Описание
Opera 7.54 and earlier allows remote attackers to spoof file types in the download dialog via dots and non-breaking spaces (ASCII character code 160) in the (1) Content-Disposition or (2) Content-Type headers.
Ссылки
- Broken LinkPatch
- Broken LinkPatch
- PatchThird Party Advisory
- Broken Link
- Broken LinkPatchThird Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Broken LinkPatch
- Broken LinkPatch
- PatchThird Party Advisory
- Broken Link
- Broken LinkPatchThird Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1Версия до 7.54 (включая)
cpe:2.3:a:opera:opera_browser:*:*:*:*:*:*:*:*
EPSS
Процентиль: 78%
0.01133
Низкий
2.6 Low
CVSS2
Дефекты
NVD-CWE-noinfo
Связанные уязвимости
github
почти 4 года назад
Opera 7.54 and earlier allows remote attackers to spoof file types in the download dialog via dots and non-breaking spaces (ASCII character code 160) in the (1) Content-Disposition or (2) Content-Type headers.
EPSS
Процентиль: 78%
0.01133
Низкий
2.6 Low
CVSS2
Дефекты
NVD-CWE-noinfo