Arbitrary Code Execution via Obscured Download Dialog in Opera 7.54 and Earlier

Arbitrary Code Execution via Obscured Download Dialog in Opera 7.54 and Earlier

CVE-2005-0456 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:P/A:N

Opera 7.54 and earlier does not properly validate base64 encoded binary data in a data: (RFC 2397) URL, which causes the URL to be obscured in a download dialog, which may allow remote attackers to trick users into executing arbitrary code.

Learn more about our User Device Pen Test.