Anfälligkeitssuche        Suche in 187964 CVE Beschreibungen
und 85075 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.14247
Kategorie:Windows
Titel:Opera web browser file download extension spoofing
Zusammenfassung:The remote host is using Opera - an alternative web browser.; This version contains a flaw that may allow a malicious user; to trick a user into running arbitrary code.; The issue is triggered when an malicious web site provides a file for download,; but crafts the filename in such a way that the file is executed, rather than saved.; It is possible that the flaw may allow arbitrary code execution resulting in a; loss of confidentiality, integrity, and/or availability.
Beschreibung:Summary:
The remote host is using Opera - an alternative web browser.
This version contains a flaw that may allow a malicious user
to trick a user into running arbitrary code.
The issue is triggered when an malicious web site provides a file for download,
but crafts the filename in such a way that the file is executed, rather than saved.
It is possible that the flaw may allow arbitrary code execution resulting in a
loss of confidentiality, integrity, and/or availability.

Solution:
Install Opera 7.50 or newer.

CVSS Score:
2.6

CVSS Vector:
AV:N/AC:H/Au:N/C:N/I:P/A:N

Querverweis: BugTraq ID: 9640
Common Vulnerability Exposure (CVE) ID: CVE-2004-2083
http://www.securityfocus.com/bid/9640
http://secunia.com/Internet_Explorer_File_Download_Extension_Spoofing_Test/
http://www.osvdb.org/3917
http://secunia.com/advisories/10760
XForce ISS Database: opera-cslid-extension-spoof(21698)
https://exchange.xforce.ibmcloud.com/vulnerabilities/21698
CopyrightCopyright (C) 2004 David Maciejak

Dies ist nur einer von 85075 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2020 E-Soft Inc. Alle Rechte vorbehalten.