Opera Browser File Download Extension Spoofing

Feb 11, 2004 12:07AM PST

Critical: Moderately critical
Impact: Security Bypass
Where: From remote
Software: Opera 7.x

Description:
A vulnerability has been identified in Opera, allowing malicious web sites to spoof the file extension of downloadable files.

The problem is that Opera can be tricked into opening a file with a different application than indicated. This can be done by embedding a CLSID in the file name. This could be exploited to trick users into opening "trusted" file types which are in fact malicious files.

A demonstration of the vulnerability may be found here:
http://secunia.com/Internet_Explorer_File_Download_Extension_Spoofing_Test/

Solution:
Do not use "Open" file; always save files to a folder, as this reveals the suspicious filename.


http://www.secunia.com/advisories/10760/
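
A defensive check for the pattern described in the advisory, added here as an example and not part of the original post or of Secunia's advisory: it flags download filenames that contain a brace-delimited CLSID, and goes slightly beyond the text by also catching percent-encoded forms. The function name, the sample filenames and the all-zero placeholder CLSID are constructed for illustration.

```python
import re
from urllib.parse import unquote

# A CLSID is written as a brace-delimited GUID: {8-4-4-4-12 hex digits}.
CLSID_RE = re.compile(
    r"\{[0-9a-fA-F]{8}(?:-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}\}"
)

def inspect_download_name(raw_name):
    """Report whether a download filename embeds a CLSID (hypothetical helper)."""
    # Decode percent-encoding a few times so %7B...%7D and
    # double-encoded forms are seen in their literal shape.
    name = raw_name
    for _ in range(3):
        decoded = unquote(name)
        if decoded == name:
            break
        name = decoded
    # Keep only the last path component.
    name = re.split(r"[\\/]", name)[-1]
    clsids = CLSID_RE.findall(name)
    # Assumption: the extension a user reads is what remains
    # once the CLSID is stripped from the name.
    visible = CLSID_RE.sub("", name).rstrip(". ")
    ext = visible.rsplit(".", 1)[1].lower() if "." in visible else ""
    return {"name": name, "clsids": clsids,
            "apparent_ext": ext, "suspicious": bool(clsids)}

# Constructed samples; the all-zero GUID is a placeholder, not a real class ID.
PLACEHOLDER = "{00000000-0000-0000-0000-000000000000}"
SAMPLES = [
    "quarterly-report.pdf",
    "holiday.jpg." + PLACEHOLDER,
    "notes.txt.%7B00000000-0000-0000-0000-000000000000%7D",
    "{not-a-guid}.zip",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        result = inspect_download_name(sample)
        verdict = "SUSPICIOUS" if result["suspicious"] else "ok"
        print(f"{verdict:10} looks like .{result['apparent_ext']:4} {result['name']}")
```

A filter like this belongs wherever filenames are visible before the user chooses "Open", such as a download proxy or a mail gateway.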
