CVE Reference: CVE-2005-0456

NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE:
CVE-2005-0456

Description:
Opera 7.54 and earlier does not properly validate base64 encoded binary data in a data: (RFC 2397) URL, which causes the URL to be obscured in a download dialog, which may allow remote attackers to trick users into executing arbitrary code.

CVE Status:
Candidate

References:

XF
  http://xforce.iss.net/xforce/xfdb/18867

SUSE
  http://www.novell.com/linux/security/advisories/2005_31_opera.html

SAID
  Secunia Advisory: SA13818

GENTOO
  http://www.gentoo.org/security/en/glsa/glsa-200502-17.xml

CONFIRM
  http://www.opera.com/linux/changelogs/754u2/

CERT-VN
  882926


Return to the previous page.