Opera < 7.54u1 Download Box Spoofing
Medium Log Correlation Engine Plugin ID 800841
SynopsisThe remote browser allows attackers to spoof download file extensions.
DescriptionThe remote host is using a version of Opera that is prone to a security flaw where a malicious website can spoof a filename within a download dialog box. An attacker exploiting this flaw would need to be able to entice a local user to browse to a malicious website. Upon visiting the website, the user would download a file with an obfuscated name.
SolutionInstall Opera 7.54u1 or higher.