Lucene search
MitreCVE-2005-2405HistoryAug 01, 2005 - 4:00 a.m.
CVE-2005-2405
2005-08-0104:00:00
CWE-20
mitre
web.nvd.nist.gov
27
opera
8.01
arial unicode ms
font
file download
dialog box
remote attackers
file extensions
arbitrary code
vulnerability
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
AI Score
6.9
Confidence
High
EPSS
0.009
Percentile
83.2%
Opera 8.01, when the “Arial Unicode MS” font (ARIALUNI.TTF) is installed, does not properly handle extended ASCII characters in the file download dialog box, which allows remote attackers to spoof file extensions and possibly trick users into executing arbitrary code.
Affected configurations
Node
operaopera_browserMatch8.01
| Vendor | Product | Version | CPE |
|---|---|---|---|
| opera | opera_browser | 8.01 | cpe:2.3:a:opera:opera_browser:8.01:*:*:*:*:*:*:* |
Related
openvas
openvas
FreeBSD Ports: linux-opera, opera-devel, opera
2008-09-04 00:00:00
FreeBSD Ports: linux-opera, opera-devel, opera
2008-09-04 00:00:00
nvd
nvd
CVE-2005-2405
2005-08-01 04:00:00
cvelist
cvelist
CVE-2005-2405
2005-07-28 04:00:00
nessus
nessus
Opera < 8.02 Multiple Vulnerabilities
2005-07-29 00:00:00
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
AI Score
6.9
Confidence
High
EPSS
0.009
Percentile
83.2%
Related for CVE-2005-2405