ID CVE-2005-0456
Summary Opera 7.54 and earlier does not properly validate base64 encoded binary data in a data: (RFC 2397) URL, which causes the URL to be obscured in a download dialog, which may allow remote attackers to trick users into executing arbitrary code.
References
Vulnerable Configurations
  • cpe:2.3:a:opera:opera_browser:1.00:*:*:*:*:*:*:*
    cpe:2.3:a:opera:opera_browser:1.00:*:*:*:*:*:*:*
  • cpe:2.3:a:opera:opera_browser:2.00:*:*:*:*:*:*:*
    cpe:2.3:a:opera:opera_browser:2.00:*:*:*:*:*:*:*
  • cpe:2.3:a:opera:opera_browser:2.10:*:*:*:*:*:*:*
    cpe:2.3:a:opera:opera_browser:2.10:*:*:*:*:*:*:*
  • cpe:2.3:a:opera:opera_browser:2.10:beta1:*:*:*:*:*:*
    cpe:2.3:a:opera:opera_browser:2.10:beta1:*:*:*:*:*:*
  • cpe:2.3:a:opera:opera_browser:2.10:beta2:*:*:*:*:*:*
    cpe:2.3:a:opera:opera_browser:2.10:beta2:*:*:*:*:*:*
  • cpe:2.3:a:opera:opera_browser:2.10:beta3:*:*:*:*:*:*
    cpe:2.3:a:opera:opera_browser:2.10:beta3:*:*:*:*:*:*
  • cpe:2.3:a:opera:opera_browser:2.12:*:*:*:*:*:*:*
    cpe:2.3:a:opera:opera_browser:2.12:*:*:*:*:*:*:*
  • cpe:2.3:a:opera:opera_browser:3.00:*:*:*:*:*:*:*
    cpe:2.3:a:opera:opera_browser:3.00:*:*:*:*:*:*:*
  • cpe:2.3:a:opera:opera_browser:3.00:beta:*:*:*:*:*:*
    cpe:2.3:a:opera:opera_browser:3.00:beta:*:*:*:*:*:*
  • cpe:2.3:a:opera:opera_browser:3.10:*:*:*:*:*:*:*
    cpe:2.3:a:opera:opera_browser:3.10:*:*:*:*:*:*:*
  • cpe:2.3:a:opera:opera_browser:3.21:*:*:*:*:*:*:*
    cpe:2.3:a:opera:opera_browser:3.21:*:*:*:*:*:*:*
  • cpe:2.3:a:opera:opera_browser:3.50:*:*:*:*:*:*:*
    cpe:2.3:a:opera:opera_browser:3.50:*:*:*:*:*:*:*
  • cpe:2.3:a:opera:opera_browser:3.51:*:*:*:*:*:*:*
    cpe:2.3:a:opera:opera_browser:3.51:*:*:*:*:*:*:*
  • cpe:2.3:a:opera:opera_browser:3.60:*:*:*:*:*:*:*
    cpe:2.3:a:opera:opera_browser:3.60:*:*:*:*:*:*:*
  • cpe:2.3:a:opera:opera_browser:3.61:*:*:*:*:*:*:*
    cpe:2.3:a:opera:opera_browser:3.61:*:*:*:*:*:*:*
  • cpe:2.3:a:opera:opera_browser:3.62:*:*:*:*:*:*:*
    cpe:2.3:a:opera:opera_browser:3.62:*:*:*:*:*:*:*
  • cpe:2.3:a:opera:opera_browser:3.62:beta:*:*:*:*:*:*
    cpe:2.3:a:opera:opera_browser:3.62:beta:*:*:*:*:*:*
  • cpe:2.3:a:opera:opera_browser:4.00:*:*:*:*:*:*:*
    cpe:2.3:a:opera:opera_browser:4.00:*:*:*:*:*:*:*
  • cpe:2.3:a:opera:opera_browser:4.00:beta2:*:*:*:*:*:*
    cpe:2.3:a:opera:opera_browser:4.00:beta2:*:*:*:*:*:*
  • cpe:2.3:a:opera:opera_browser:4.00:beta3:*:*:*:*:*:*
    cpe:2.3:a:opera:opera_browser:4.00:beta3:*:*:*:*:*:*
  • cpe:2.3:a:opera:opera_browser:4.00:beta4:*:*:*:*:*:*
    cpe:2.3:a:opera:opera_browser:4.00:beta4:*:*:*:*:*:*
  • cpe:2.3:a:opera:opera_browser:4.00:beta5:*:*:*:*:*:*
    cpe:2.3:a:opera:opera_browser:4.00:beta5:*:*:*:*:*:*
  • cpe:2.3:a:opera:opera_browser:4.00:beta6:*:*:*:*:*:*
    cpe:2.3:a:opera:opera_browser:4.00:beta6:*:*:*:*:*:*
  • cpe:2.3:a:opera:opera_browser:4.01:*:*:*:*:*:*:*
    cpe:2.3:a:opera:opera_browser:4.01:*:*:*:*:*:*:*
  • cpe:2.3:a:opera:opera_browser:4.02:*:*:*:*:*:*:*
    cpe:2.3:a:opera:opera_browser:4.02:*:*:*:*:*:*:*
  • cpe:2.3:a:opera:opera_browser:5.0:*:*:*:*:*:*:*
    cpe:2.3:a:opera:opera_browser:5.0:*:*:*:*:*:*:*
  • cpe:2.3:a:opera:opera_browser:5.0:beta2:*:*:*:*:*:*
    cpe:2.3:a:opera:opera_browser:5.0:beta2:*:*:*:*:*:*
  • cpe:2.3:a:opera:opera_browser:5.0:beta3:*:*:*:*:*:*
    cpe:2.3:a:opera:opera_browser:5.0:beta3:*:*:*:*:*:*
  • cpe:2.3:a:opera:opera_browser:5.0:beta4:*:*:*:*:*:*
    cpe:2.3:a:opera:opera_browser:5.0:beta4:*:*:*:*:*:*
  • cpe:2.3:a:opera:opera_browser:5.0:beta5:*:*:*:*:*:*
    cpe:2.3:a:opera:opera_browser:5.0:beta5:*:*:*:*:*:*
  • cpe:2.3:a:opera:opera_browser:5.0:beta6:*:*:*:*:*:*
    cpe:2.3:a:opera:opera_browser:5.0:beta6:*:*:*:*:*:*
  • cpe:2.3:a:opera:opera_browser:5.0:beta7:*:*:*:*:*:*
    cpe:2.3:a:opera:opera_browser:5.0:beta7:*:*:*:*:*:*
  • cpe:2.3:a:opera:opera_browser:5.0:beta8:*:*:*:*:*:*
    cpe:2.3:a:opera:opera_browser:5.0:beta8:*:*:*:*:*:*
  • cpe:2.3:a:opera:opera_browser:5.02:*:*:*:*:*:*:*
    cpe:2.3:a:opera:opera_browser:5.02:*:*:*:*:*:*:*
  • cpe:2.3:a:opera:opera_browser:5.10:*:*:*:*:*:*:*
    cpe:2.3:a:opera:opera_browser:5.10:*:*:*:*:*:*:*
  • cpe:2.3:a:opera:opera_browser:5.11:*:*:*:*:*:*:*
    cpe:2.3:a:opera:opera_browser:5.11:*:*:*:*:*:*:*
  • cpe:2.3:a:opera:opera_browser:5.12:*:*:*:*:*:*:*
    cpe:2.3:a:opera:opera_browser:5.12:*:*:*:*:*:*:*
  • cpe:2.3:a:opera:opera_browser:6.0:*:*:*:*:*:*:*
    cpe:2.3:a:opera:opera_browser:6.0:*:*:*:*:*:*:*
  • cpe:2.3:a:opera:opera_browser:6.0:beta1:*:*:*:*:*:*
    cpe:2.3:a:opera:opera_browser:6.0:beta1:*:*:*:*:*:*
  • cpe:2.3:a:opera:opera_browser:6.0:beta2:*:*:*:*:*:*
    cpe:2.3:a:opera:opera_browser:6.0:beta2:*:*:*:*:*:*
  • cpe:2.3:a:opera:opera_browser:6.0:beta3:*:*:*:*:*:*
    cpe:2.3:a:opera:opera_browser:6.0:beta3:*:*:*:*:*:*
  • cpe:2.3:a:opera:opera_browser:6.0:tp1:*:*:*:*:*:*
    cpe:2.3:a:opera:opera_browser:6.0:tp1:*:*:*:*:*:*
  • cpe:2.3:a:opera:opera_browser:6.0:tp2:*:*:*:*:*:*
    cpe:2.3:a:opera:opera_browser:6.0:tp2:*:*:*:*:*:*
  • cpe:2.3:a:opera:opera_browser:6.0:tp3:*:*:*:*:*:*
    cpe:2.3:a:opera:opera_browser:6.0:tp3:*:*:*:*:*:*
  • cpe:2.3:a:opera:opera_browser:6.01:*:*:*:*:*:*:*
    cpe:2.3:a:opera:opera_browser:6.01:*:*:*:*:*:*:*
  • cpe:2.3:a:opera:opera_browser:6.1:*:*:*:*:*:*:*
    cpe:2.3:a:opera:opera_browser:6.1:*:*:*:*:*:*:*
  • cpe:2.3:a:opera:opera_browser:6.1:beta1:*:*:*:*:*:*
    cpe:2.3:a:opera:opera_browser:6.1:beta1:*:*:*:*:*:*
  • cpe:2.3:a:opera:opera_browser:6.02:*:*:*:*:*:*:*
    cpe:2.3:a:opera:opera_browser:6.02:*:*:*:*:*:*:*
  • cpe:2.3:a:opera:opera_browser:6.03:*:*:*:*:*:*:*
    cpe:2.3:a:opera:opera_browser:6.03:*:*:*:*:*:*:*
  • cpe:2.3:a:opera:opera_browser:6.04:*:*:*:*:*:*:*
    cpe:2.3:a:opera:opera_browser:6.04:*:*:*:*:*:*:*
  • cpe:2.3:a:opera:opera_browser:6.05:*:*:*:*:*:*:*
    cpe:2.3:a:opera:opera_browser:6.05:*:*:*:*:*:*:*
  • cpe:2.3:a:opera:opera_browser:6.06:*:*:*:*:*:*:*
    cpe:2.3:a:opera:opera_browser:6.06:*:*:*:*:*:*:*
  • cpe:2.3:a:opera:opera_browser:6.10:*:*:*:*:*:*:*
    cpe:2.3:a:opera:opera_browser:6.10:*:*:*:*:*:*:*
  • cpe:2.3:a:opera:opera_browser:6.11:*:*:*:*:*:*:*
    cpe:2.3:a:opera:opera_browser:6.11:*:*:*:*:*:*:*
  • cpe:2.3:a:opera:opera_browser:6.12:*:*:*:*:*:*:*
    cpe:2.3:a:opera:opera_browser:6.12:*:*:*:*:*:*:*
  • cpe:2.3:a:opera:opera_browser:7.0:*:*:*:*:*:*:*
    cpe:2.3:a:opera:opera_browser:7.0:*:*:*:*:*:*:*
  • cpe:2.3:a:opera:opera_browser:7.0:beta1:*:*:*:*:*:*
    cpe:2.3:a:opera:opera_browser:7.0:beta1:*:*:*:*:*:*
  • cpe:2.3:a:opera:opera_browser:7.0:beta1_v2:*:*:*:*:*:*
    cpe:2.3:a:opera:opera_browser:7.0:beta1_v2:*:*:*:*:*:*
  • cpe:2.3:a:opera:opera_browser:7.0:beta2:*:*:*:*:*:*
    cpe:2.3:a:opera:opera_browser:7.0:beta2:*:*:*:*:*:*
  • cpe:2.3:a:opera:opera_browser:7.01:*:*:*:*:*:*:*
    cpe:2.3:a:opera:opera_browser:7.01:*:*:*:*:*:*:*
  • cpe:2.3:a:opera:opera_browser:7.02:*:*:*:*:*:*:*
    cpe:2.3:a:opera:opera_browser:7.02:*:*:*:*:*:*:*
  • cpe:2.3:a:opera:opera_browser:7.03:*:*:*:*:*:*:*
    cpe:2.3:a:opera:opera_browser:7.03:*:*:*:*:*:*:*
  • cpe:2.3:a:opera:opera_browser:7.10:*:*:*:*:*:*:*
    cpe:2.3:a:opera:opera_browser:7.10:*:*:*:*:*:*:*
  • cpe:2.3:a:opera:opera_browser:7.10:beta1:*:*:*:*:*:*
    cpe:2.3:a:opera:opera_browser:7.10:beta1:*:*:*:*:*:*
  • cpe:2.3:a:opera:opera_browser:7.11:*:*:*:*:*:*:*
    cpe:2.3:a:opera:opera_browser:7.11:*:*:*:*:*:*:*
  • cpe:2.3:a:opera:opera_browser:7.11:beta2:*:*:*:*:*:*
    cpe:2.3:a:opera:opera_browser:7.11:beta2:*:*:*:*:*:*
  • cpe:2.3:a:opera:opera_browser:7.20:*:*:*:*:*:*:*
    cpe:2.3:a:opera:opera_browser:7.20:*:*:*:*:*:*:*
  • cpe:2.3:a:opera:opera_browser:7.20:beta7:*:*:*:*:*:*
    cpe:2.3:a:opera:opera_browser:7.20:beta7:*:*:*:*:*:*
  • cpe:2.3:a:opera:opera_browser:7.21:*:*:*:*:*:*:*
    cpe:2.3:a:opera:opera_browser:7.21:*:*:*:*:*:*:*
  • cpe:2.3:a:opera:opera_browser:7.22:*:*:*:*:*:*:*
    cpe:2.3:a:opera:opera_browser:7.22:*:*:*:*:*:*:*
  • cpe:2.3:a:opera:opera_browser:7.23:*:*:*:*:*:*:*
    cpe:2.3:a:opera:opera_browser:7.23:*:*:*:*:*:*:*
  • cpe:2.3:a:opera:opera_browser:7.30:*:*:*:*:*:*:*
    cpe:2.3:a:opera:opera_browser:7.30:*:*:*:*:*:*:*
  • cpe:2.3:a:opera:opera_browser:7.50:*:*:*:*:*:*:*
    cpe:2.3:a:opera:opera_browser:7.50:*:*:*:*:*:*:*
  • cpe:2.3:a:opera:opera_browser:7.50:beta1:*:*:*:*:*:*
    cpe:2.3:a:opera:opera_browser:7.50:beta1:*:*:*:*:*:*
  • cpe:2.3:a:opera:opera_browser:7.51:*:*:*:*:*:*:*
    cpe:2.3:a:opera:opera_browser:7.51:*:*:*:*:*:*:*
  • cpe:2.3:a:opera:opera_browser:7.52:*:*:*:*:*:*:*
    cpe:2.3:a:opera:opera_browser:7.52:*:*:*:*:*:*:*
  • cpe:2.3:a:opera:opera_browser:7.53:*:*:*:*:*:*:*
    cpe:2.3:a:opera:opera_browser:7.53:*:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 28-02-2022 - 17:41)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE PARTIAL NONE
cvss-vector via4 AV:N/AC:L/Au:N/C:N/I:P/A:N
refmap via4
cert-vn VU#882926
confirm http://www.opera.com/linux/changelogs/754u2/
gentoo GLSA-200502-17
secunia 13818
suse SUSE-SA:2005:031
xf opera-data-dialog-spoofing(18867)
Last major update 28-02-2022 - 17:41
Published 12-01-2005 - 05:00
Last modified 28-02-2022 - 17:41
Back to Top