Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Opera < 7.54u1 Download Box Spoofing

Medium

Synopsis

The remote browser allows attackers to spoof download file extensions.

Description

The remote host is using a version of Opera that is prone to a security flaw where a malicious website can spoof a filename within a download dialog box. An attacker exploiting this flaw would need to be able to entice a local user to browse to a malicious website. Upon visiting the website, the user would download a file with an obfuscated name.

Solution

Install Opera 7.54u1 or higher.