Rapid7 Vulnerability & Exploit Database

SUSE-SA:2005:057: opera remote script insertion

Free InsightVM Trial No credit card necessary

Watch Demo See how it all works

Back to Search

SUSE-SA:2005:057: opera remote script insertion

Severity

CVSS

(AV:N/AC:L/Au:N/C:N/I:P/A:N)

Published

09/26/2005

Created

07/25/2018

Added

11/08/2005

Modified

11/18/2015

Description

The mail client in Opera before 8.50 opens attached files from the user's cache directory without warning the user, which might allow remote attackers to inject arbitrary web script and spoof attachment filenames.

Solution(s)

References

https://attackerkb.com/topics/cve-2005-3006
14880
CVE - 2005-3006
CVE - 2005-3007
19508
19509
SUSE-SA:2005:057
SuSE-SA:2005:057
http://marc.theaimsgroup.com/?l=bugtraq&m=112724692219695&w=2
http://www.frsirt.com/english/advisories/2005/1789
http://www.novell.com/linux/security/advisories/2005_57_opera.html
http://www.opera.com/docs/changelogs/linux/850/
http://www.opera.com/docs/changelogs/windows/850/
22335
22337

Advanced vulnerability management analytics and reporting.

Key Features

Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;