5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
0.01 Low
EPSS
Percentile
83.5%
The Opera web browser fails to validate data encoded using the RFC 2397 scheme. A remote attacker may be able to execute arbitrary code on a vulnerable system.
The Opera web browser fails to properly handle binary data encoded following the RFC 2397 specification for sending data in a URI. According to RFC 2397, binary data can be encoded directly in a URI in the following format:
data:[<mediatype>][;base64],<data>
Where data
is base64 encoded binary data.
If binary data is encoded in a URI following the RFC 2397 scheme, and accessed via an Opera web browser, Opera will prompt the user for the action to take (OPEN, SAVE, or CANCEL). If the user attempts to open the binary data with Opera, the data should open with an application the user chooses or the default application if one isn’t specified. However, Opera executes the binary data directly (if the binary data is executable).
If a remote attacker can convince a user to access a specially crafted web page or HTML email, that attacker may be able to run an arbitrary code on the users system.
We are not aware a practical solution at this time. Consider the following Workaround**:**
Do Not Follow Unsolicited Links
In order to convince users to visit their sites, attackers often use URL encoding, IP address variations, long URLs, intentional misspellings, and other techniques to create misleading links. Do not click on unsolicited links received in email, instant messages, web forums, or internet relay chat (IRC) channels. Type URLs directly into the browser to avoid these misleading links. While these are generally good security practices, following these behaviors will not prevent exploitation of this vulnerability in all cases.
882926
Filter by status: All Affected Not Affected Unknown
Filter by content: __ Additional information available
__ Sort by: Status Alphabetical
Expand all
Javascript is disabled. Click here to view vendors.
Updated: January 20, 2005
Unknown
We have not received a statement from the vendor.
The vendor has not provided us with any further information regarding this vulnerability.
US-CERT has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us [email](<mailto:[email protected]?Subject=VU%23882926 Feedback>).
Group | Score | Vector |
---|---|---|
Base | ||
Temporal | ||
Environmental |
This vulnerability was reported by Michael Holzt.
This document was written by Jeff Gennari.
CVE IDs: | CVE-2005-0456 |
---|---|
Severity Metric: | 12.24 Date Public: |