Описание
Opera offers an Open button to verify that a user wishes to execute a downloaded file, which allows user-assisted remote attackers to construct a race condition that tricks a user into clicking Open via a request for a different mouse or keyboard action very shortly before the Open dialog appears. NOTE: this is a different issue than CVE-2005-2407.
Ссылки
- Broken LinkExploit
- ExploitVendor Advisory
- Broken LinkExploit
- ExploitVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:mozilla:mozilla:-:*:*:*:*:*:*:*
cpe:2.3:a:opera:opera_browser:-:*:*:*:*:*:*:*
EPSS
Процентиль: 54%
0.00308
Низкий
4 Medium
CVSS2
Дефекты
CWE-362
Связанные уязвимости
github
почти 4 года назад
Opera offers an Open button to verify that a user wishes to execute a downloaded file, which allows user-assisted remote attackers to construct a race condition that tricks a user into clicking Open via a request for a different mouse or keyboard action very shortly before the Open dialog appears. NOTE: this is a different issue than CVE-2005-2407.
EPSS
Процентиль: 54%
0.00308
Низкий
4 Medium
CVSS2
Дефекты
CWE-362