ID de Prueba:	1.3.6.1.4.1.25623.1.0.14247
Categoría:	Windows
Título:	Opera web browser file download extension spoofing
Resumen:	The remote host is using Opera - an alternative web browser.; This version contains a flaw that may allow a malicious user; to trick a user into running arbitrary code.; The issue is triggered when a malicious web site provides a file for download,; but crafts the filename in such a way that the file is executed, rather than saved.; It is possible that the flaw may allow arbitrary code execution resulting in a; loss of confidentiality, integrity, and/or availability.
Descripción:	Summary: The remote host is using Opera - an alternative web browser. This version contains a flaw that may allow a malicious user to trick a user into running arbitrary code. The issue is triggered when a malicious web site provides a file for download, but crafts the filename in such a way that the file is executed, rather than saved. It is possible that the flaw may allow arbitrary code execution resulting in a loss of confidentiality, integrity, and/or availability. Solution: Install Opera 7.50 or newer. CVSS Score: 2.6 CVSS Vector: AV:N/AC:H/Au:N/C:N/I:P/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2004-2083 BugTraq ID: 9640 http://www.securityfocus.com/bid/9640 http://secunia.com/Internet_Explorer_File_Download_Extension_Spoofing_Test/ http://www.osvdb.org/3917 http://secunia.com/advisories/10760 XForce ISS Database: opera-cslid-extension-spoof(21698) https://exchange.xforce.ibmcloud.com/vulnerabilities/21698
Copyright	Copyright (C) 2004 David Maciejak

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.