Critical:
Moderately critical
Impact: Security Bypass
Where: From remote
Software: Opera 7.x
Description:
A vulnerability has been identified in Opera, allowing malicious web sites to spoof the file extension of downloadable files.
The problem is that Opera can be tricked into opening a file, with a different application than indicated. This can be done by embedding a CLSID in the file name. This could be exploited to trick users into opening "trusted" file types which are in fact malicious files.
A demonstration of the vulnerability may be found here:
http://secunia.com/Internet_Explorer_File_Download_Extension_Spoofing_Test/
Solution:
Do not use "Open" file, always save files to a folder as this reveals the suspicious filename.
http://www.secunia.com/advisories/10760/

Chowhound
Comic Vine
GameFAQs
GameSpot
Giant Bomb
TechRepublic