Opera file type spoofing
opera-file-type-spoofing (18423)
Description:
Opera 7.54 running on Microsoft Windows, and possibly other versions, could allow a remote attacker to cause the wrong file type to be displayed in the file download dialog box. A remote attacker could modify the "Content-Type" and "Content-Disposition" HTTP response headers served with a Web page to spoof the file type that is displayed in the file download dialog box when a file download is initiated. An attacker could exploit this vulnerability by hosting a malicious page on a Web site or sending it within an HTML email.
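The entry describes the spoofing in terms of two response headers, and the CVE text below names the specific characters involved (dots and non-breaking spaces, character code 160). From a defender's side the useful check is on the receiving end: given the Content-Type and Content-Disposition values, work out which extension the operating system will actually act on and flag the padding that would make a dialog show something else. The following is an added example, not code from the X-Force entry or from Opera; the function names, the small Content-Type-to-extension table and the sample headers are constructed for illustration.

```python
"""Flag download-dialog file-type spoofing indicators in HTTP response headers.

Added example (not from the X-Force entry). It inspects a Content-Disposition
filename for the padding described in CVE-2004-1490 and cross-checks the real
extension against the declared Content-Type.
"""
import re

# U+00A0 NO-BREAK SPACE; in a raw Latin-1 header this is the single byte 0xA0
NBSP = "\u00a0"

# Constructed mapping used only for the cross-check in this example (assumption,
# not a complete registry): which extensions a given media type should carry.
EXPECTED_EXTENSIONS = {
    "text/plain": {"txt", "log"},
    "image/jpeg": {"jpg", "jpeg"},
    "application/pdf": {"pdf"},
}

# Extensions that a Windows host of that era would run directly (illustrative list)
EXECUTABLE_EXTENSIONS = {"exe", "scr", "com", "bat", "cmd", "pif"}


def parse_content_disposition(header: str) -> dict:
    """Split 'attachment; filename="x"; k=v' into a dict of lower-cased parameters."""
    parts = [p.strip() for p in header.split(";")]
    parsed = {"disposition": parts[0].lower()}
    for part in parts[1:]:
        if "=" not in part:
            continue
        key, value = part.split("=", 1)
        parsed[key.strip().lower()] = value.strip().strip('"')
    return parsed


def analyze_download_headers(content_type: str, content_disposition: str) -> dict:
    """Return the displayed vs. real extension and a list of spoofing indicators."""
    cd = parse_content_disposition(content_disposition)
    filename = cd.get("filename", "")
    findings = []

    # Indicator 1: non-breaking spaces, which a dialog renders as blank width
    if NBSP in filename:
        findings.append("nbsp_in_filename")
    if NBSP in content_type:
        findings.append("nbsp_in_content_type")

    # Indicator 2: runs of spaces or dots used to push the real extension out of view
    if re.search(r"[ \u00a0]{2,}|\.{2,}", filename):
        findings.append("padding_in_filename")

    # The OS keys off the text after the final dot, ignoring trailing blanks/dots
    clean = filename.replace(NBSP, " ").rstrip(" .")
    segments = clean.split(".")
    real_ext = segments[-1].strip().lower() if len(segments) > 1 else ""
    # What a truncated dialog would most likely show: the first extension-like segment
    displayed_ext = segments[1].strip().lower() if len(segments) > 2 else real_ext
    if displayed_ext != real_ext:
        findings.append("double_extension")

    # Indicator 3: declared media type does not match the extension that will be used
    media_type = content_type.split(";")[0].strip().lower()
    expected = EXPECTED_EXTENSIONS.get(media_type)
    if expected is not None and filename and real_ext not in expected:
        findings.append("content_type_mismatch")

    if real_ext in EXECUTABLE_EXTENSIONS:
        findings.append("executable_extension")

    return {
        "filename": filename,
        "displayed_extension": displayed_ext,
        "real_extension": real_ext,
        "suspicious": bool(findings),
        "findings": findings,
    }


# Constructed sample headers: one ordinary download, one padded in the CVE's style
SAMPLE_HEADERS = [
    ("text/plain", 'attachment; filename="report.txt"'),
    ("text/plain", 'attachment; filename="report.txt' + NBSP * 30 + '.exe"'),
]

if __name__ == "__main__":
    for ctype, cdisp in SAMPLE_HEADERS:
        result = analyze_download_headers(ctype, cdisp)
        print(result["displayed_extension"], "->", result["real_extension"], result["findings"])
```

The check is deliberately conservative: any one of the indicators is enough to mark the download suspicious, because a legitimate server has no reason to pad a filename with non-breaking spaces, and a Content-Type of text/plain should never deliver something the host will execute. Running the block prints the displayed and real extensions for the two constructed samples; the padded one reports every indicator.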
Platforms Affected:
- Gentoo, Linux
- Opera, Opera 7.54
Remedy:
Apply the 7.54u1 security update, available from the Opera Download Web page. See References.
For Gentoo Linux (Opera):
Refer to Gentoo Linux Security Announcement GLSA 2005-02-17 for patch, upgrade, or suggested workaround information. See References.
Consequences:
Gain Access
References:
- Opera Download Web page, Download Opera Web browser at http://www.opera.com/download/.
- BID-11883: Opera Web Browser Download Dialogue Box File Name Spoofing Vulnerability
- CVE-2004-1490: Opera 7.54 and earlier allows remote attackers to spoof file types in the download dialog via dots and non-breaking spaces (ASCII character code 160) in the (1) Content-Disposition or (2) Content-Type headers.
- GLSA-200502-17: Opera: Multiple vulnerabilities
- SA12981: Opera Download Dialog Spoofing Vulnerability
Reported:
Dec 10, 2004
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
Copyright (c) 1994-2008 Internet Security Systems, Inc. All rights reserved worldwide.
For corrections or additions please email xforce@iss.net
