Test ID:	1.3.6.1.4.1.25623.1.0.14247
Category:	Windows
Title:	Opera web browser file download extension spoofing
Summary:	The remote host is using Opera - an alternative web browser.; This version contains a flaw that may allow a malicious user; to trick a user into running arbitrary code.; The issue is triggered when a malicious web site provides a file for download,; but crafts the filename in such a way that the file is executed, rather than saved.; It is possible that the flaw may allow arbitrary code execution resulting in a; loss of confidentiality, integrity, and/or availability.
Description:	Summary: The remote host is using Opera - an alternative web browser. This version contains a flaw that may allow a malicious user to trick a user into running arbitrary code. The issue is triggered when a malicious web site provides a file for download, but crafts the filename in such a way that the file is executed, rather than saved. It is possible that the flaw may allow arbitrary code execution resulting in a loss of confidentiality, integrity, and/or availability. Solution: Install Opera 7.50 or newer. CVSS Score: 2.6 CVSS Vector: AV:N/AC:H/Au:N/C:N/I:P/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2004-2083 BugTraq ID: 9640 http://www.securityfocus.com/bid/9640 http://secunia.com/Internet_Explorer_File_Download_Extension_Spoofing_Test/ http://www.osvdb.org/3917 http://secunia.com/advisories/10760 XForce ISS Database: opera-cslid-extension-spoof(21698) https://exchange.xforce.ibmcloud.com/vulnerabilities/21698
Copyright	Copyright (C) 2004 David Maciejak

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.