Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-2659

Overview

Vulnerability Score 4.0 4.0
CVE Id CVE-2004-2659
Last Modified 05 Sep 2008 04:44:45
Published 31 Dec 2004 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2004-2659

Summary

Opera offers an Open button to verify that a user wishes to execute a downloaded file, which allows user-assisted remote attackers to construct a race condition that tricks a user into clicking Open via a request for a different mouse or keyboard action very shortly before the Open dialog appears. NOTE: this is a different issue than CVE-2005-2407.

Vulnerable Systems

Application

  • Mozilla

  • Opera Software Opera 9.2


References

MISC - http://www.squarefree.com/2004/07/01/race-conditions-in-security-dialogs/

FULLDISC - 20040407 Race conditions in security dialogs


Last Updated: 27 May 2016 10:39:34