-
February 16th, 2002, 12:37 AM
#1
Vulneravility: Opera TXT & HTML Mix-up
Opera Content-Type HTML File Execution Vulnerability
Opera does not properly handle files based on the Content-Type specified. If HTML tags are included in the body of a file, Opera will not handle the file according to the Content-Type. For example: A file has the Content-Type text/plain and contains HTML tags in the file, Opera will execute the file as a HTML type rather than a text file.
It is possible to create a malicious web page containing arbitrary script code. When a legitimate user browses the malicious page, the script code could be executed in the user's browser.
Remote:Yes
Exploit: No exploit code is required to take advantage of this issue.
Vulnerable: Opera Software Opera Web Browser 6.0.1win32
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|