CVE-2005-3007

Common vulnerabilities & exposures (CVE)

CVE database CVE database blogpost Release & EoL database

Published at: - 21-09-2005 10:03

Last modified: - 06-10-2022 02:13

Total changes: - 3

Description

Opera before 8.50 allows remote attackers to spoof the content type of files via a filename with a trailing "." (dot), which might allow remote attackers to trick users into processing dangerous content.

Common Vulnerability Scoring System (CVSS)

AV:N/AC:H/Au:N/C:N/I:P/A:N

High

Attack complexity

Network

Attack vector

None

Availability

None

Confidentiality

Low

Integrity

Privileges required

Scope

User interaction

2.6

Base score

4.9

2.9

Exploitability score

Impact score

Verification logic

Reference

http://secunia.com/secunia_research/2005-42/advisory/
16645-Broken Link, Patch
http://www.opera.com/docs/changelogs/linux/850/
19509-Broken Link
http://www.opera.com/docs/changelogs/windows/850/
SuSE-SA:2005:057-Broken Link, Third Party Advisory, VDB Entry
14880-Broken Link, Third Party Advisory, VDB Entry
ADV-2005-1789-Broken Link
20050920 Secunia Research: Opera Mail Client Attachment Spoofing and Script Insertion-Mailing List, Third Party Advisory
opera-filename-spoofing(22337)-Third Party Advisory, VDB Entry

Keywords

CVE-2005-3007

Common vulnerabilities & exposures (CVE)

Description

Common Vulnerability Scoring System (CVSS)

Verification logic

Reference

NVD

CVE-2005-3007

CVE

Common vulnerabilities & exposures

CVSS

Common vulnerability scoring system

Security

Vulnerabilities

Exposures