Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-1490

Overview

Vulnerability Score 2.6 2.6
CVE Id CVE-2004-1490
Last Modified 05 Sep 2008 04:41:32
Published 31 Dec 2004 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2004-1490

Summary

Opera 7.54 and earlier allows remote attackers to spoof file types in the download dialog via dots and non-breaking spaces (ASCII character code 160) in the (1) Content-Disposition or (2) Content-Type headers.

Vulnerable Systems

Application

  • Opera Software Opera Web Browser 5.0

  • Opera Software Opera Web Browser 5.0.2

  • Opera Software Opera Web Browser 5.1.0

  • Opera Software Opera Web Browser 5.1.1

  • Opera Software Opera Web Browser 5.12

  • Opera Software Opera Web Browser 6.0

  • Opera Software Opera Web Browser 6.0.1

  • Opera Software Opera Web Browser 6.0.2

  • Opera Software Opera Web Browser 6.0.3

  • Opera Software Opera Web Browser 6.0.4

  • Opera Software Opera Web Browser 6.0.5

  • Opera Software Opera Web Browser 6.0.6

  • Opera Software Opera Web Browser 6.10

  • Opera Software Opera Web Browser 7.0

  • Opera Software Opera Web Browser 7.0 Beta1

  • Opera Software Opera Web Browser 7.0 Beta2

  • Opera Software Opera Web Browser 7.0.1

  • Opera Software Opera Web Browser 7.0.2

  • Opera Software Opera Web Browser 7.0.3

  • Opera Software Opera Web Browser 7.10

  • Opera Software Opera Web Browser 7.11

  • Opera Software Opera Web Browser 7.11b

  • Opera Software Opera Web Browser 7.11j

  • Opera Software Opera Web Browser 7.20

  • Opera Software Opera Web Browser 7.20 Beta1 Build2981

  • Opera Software Opera Web Browser 7.21

  • Opera Software Opera Web Browser 7.22

  • Opera Software Opera Web Browser 7.23

  • Opera Software Opera Web Browser 7.50

  • Opera Software Opera Web Browser 7.50b1

  • Opera Software Opera Web Browser 7.51

  • Opera Software Opera Web Browser 7.52

  • Opera Software Opera Web Browser 7.53

  • Opera Software Opera Web Browser 7.54


References

BID - 11883

GENTOO - GLSA-200502-17

MISC - http://secunia.com/secunia_research/2004-19/advisory/

SECUNIA - 12981

XF - opera-file-type-spoofing(18423)

CONFIRM - http://www.opera.com/linux/changelogs/754u1/


Last Updated: 27 May 2016 10:39:04