Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-2083

Overview

Vulnerability Score 2.6 2.6
CVE Id CVE-2004-2083
Last Modified 05 Sep 2008 04:43:09
Published 11 Feb 2004 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2004-2083

Summary

Opera Web Browser 7.0 through 7.23 allows remote attackers to trick users into executing a malicious file by embedding a CLSID in the file name, which causes the malicious file to appear as a trusted file type, aka "File Download Extension Spoofing."

Vulnerable Systems

Application

  • Opera Software Opera Web Browser 7.0

  • Opera Software Opera Web Browser 7.0 Beta1

  • Opera Software Opera Web Browser 7.0 Beta2

  • Opera Software Opera Web Browser 7.0.1

  • Opera Software Opera Web Browser 7.0.2

  • Opera Software Opera Web Browser 7.0.3

  • Opera Software Opera Web Browser 7.10

  • Opera Software Opera Web Browser 7.11

  • Opera Software Opera Web Browser 7.11b

  • Opera Software Opera Web Browser 7.11j

  • Opera Software Opera Web Browser 7.20

  • Opera Software Opera Web Browser 7.20 Beta1 Build2981

  • Opera Software Opera Web Browser 7.21

  • Opera Software Opera Web Browser 7.22

  • Opera Software Opera Web Browser 7.23


References

BID - 9640

MISC - http://secunia.com/Internet_Explorer_File_Download_Extension_Spoofing_Test/

SECUNIA - 10760

XF - opera-cslid-extension-spoof(21698)

OSVDB - 3917

CONFIRM - http://www.opera.com/docs/changelogs/windows/750b1/


Last Updated: 27 May 2016 10:39:20