Lucene search

[email protected]CVE-2005-2407

HistoryAug 01, 2005 - 4:00 a.m.

CVE-2005-2407

2005-08-0104:00:00

CWE-1021

[email protected]

web.nvd.nist.gov

opera

design error

arbitrary code execution

link hijacking

security vulnerability

7.5 High

AI Score

Confidence

Low

5.1 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

0.009 Low

EPSS

Percentile

82.3%

JSON

A design error in Opera 8.01 and earlier allows user-assisted attackers to execute arbitrary code by overlaying a malicious new window above a file download dialog box, then tricking the user into double-clicking on the “Run” button, aka “link hijacking”.

CPENameOperatorVersion
opera:opera_browseropera opera browserle8.01

CPE	Name	Operator	Version
opera:opera_browser	opera opera browser	le	8.01

References

secunia.com/advisories/15781

secunia.com/secunia_research/2005-19/advisory/

securitytracker.com/id?1015353

www.opera.com/linux/changelogs/802/

www.securityfocus.com/bid/15835

www.vupen.com/english/advisories/2005/1251

7.5 High

AI Score

Confidence

Low

5.1 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

0.009 Low

EPSS

Percentile

82.3%

JSON

Related for CVE-2005-2407

prion1 cve2 nessus1