CVE-2004-2083

Опубликовано: 11 фев. 2004

Источник: nvd

CVSS2: 2.6

EPSS Низкий

Описание

Opera Web Browser 7.0 through 7.23 allows remote attackers to trick users into executing a malicious file by embedding a CLSID in the file name, which causes the malicious file to appear as a trusted file type, aka "File Download Extension Spoofing."

Ссылки

http://secunia.com/Internet_Explorer_File_Download_Extension_Spoofing_Test/
Broken Link
Vendor Advisory
http://secunia.com/advisories/10760
Broken Link
Vendor Advisory
http://www.opera.com/docs/changelogs/windows/750b1/
Broken Link
http://www.osvdb.org/3917
Broken Link
http://www.securityfocus.com/bid/9640
Broken Link
Exploit
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/21698
Third Party Advisory
VDB Entry
http://secunia.com/Internet_Explorer_File_Download_Extension_Spoofing_Test/
Broken Link
Vendor Advisory
http://secunia.com/advisories/10760
Broken Link
Vendor Advisory
http://www.opera.com/docs/changelogs/windows/750b1/
Broken Link
http://www.osvdb.org/3917
Broken Link
http://www.securityfocus.com/bid/9640
Broken Link
Exploit
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/21698
Third Party Advisory
VDB Entry

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:opera:opera_browser:*:*:*:*:*:*:*:*

Версия от 7.0 (включая) до 7.23 (включая)

EPSS

Процентиль: 78%

0.01142

Низкий

2.6 Low

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

GHSA-qqg2-xjw3-r727

github

почти 4 года назад