CVE-2005-3007 — Injection in Browser

CWE-74 — Injection3 documents3 sources

Severity

2.6LOWNVD

EPSS

1.5%

top 19.16%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Opera Browser

Timeline

PublishedSep 21

Latest updateMay 1

Description

Opera before 8.50 allows remote attackers to spoof the content type of files via a filename with a trailing "." (dot), which might allow remote attackers to trick users into processing dangerous content.

CVSS vector

AV:N/AC:H/C:N/I:P/A:NExploitability: 4.9 | Impact: 2.9

Affected Packages1 packages

▶NVDopera/opera_browser< 8.50

Patches

Patch: secunia.com ↗Patch: secunia.com ↗Patch: secunia.com ↗

🔴Vulnerability Details

GHSA

GHSA-v4c3-7gp9-x6mf: Opera before 8↗2022-05-01

▶

CVEList

CVE-2005-3007: Opera before 8↗2005-09-21

▶