CVE-2005-3006 — Browser vulnerability

3 documents3 sources

Severity

5.0MEDIUMNVD

EPSS

1.1%

top 21.77%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Opera Browser

Timeline

PublishedSep 21

Latest updateMay 1

Description

The mail client in Opera before 8.50 opens attached files from the user's cache directory without warning the user, which might allow remote attackers to inject arbitrary web script and spoof attachment filenames.

CVSS vector

AV:N/AC:L/C:N/I:P/A:NExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

▶NVDopera/opera_browser8.02+48

Patches

Patch: secunia.com ↗Patch: secunia.com ↗Patch: www.osvdb.org ↗

🔴Vulnerability Details

GHSA

GHSA-jq7v-mxv6-22q4: The mail client in Opera before 8↗2022-05-01

▶

CVEList

CVE-2005-3006: The mail client in Opera before 8↗2005-09-21

▶