CVE-2005-2407

A design error in Opera 8.01 and earlier allows user-assisted attackers to execute arbitrary code by overlaying a malicious new window above a file download dialog box, then tricking the user into double-clicking on the "Run" button, aka "link hijacking".

Published: Aug 1, 2005
Updated: Apr 13, 2023
CVE: CVE-2005-2407
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5.1
AV:N/AC:H/Au:N/C:P/I:P/A:P

CWEs:

CWE-1021

Affected Software
References

Software	From	Fixed in
opera / opera_browser	-	8.01.x

http://secunia.com/advisories/15781
http://secunia.com/secunia_research/2005-19/advisory/
http://securitytracker.com/id?1015353
http://www.opera.com/linux/changelogs/802/
http://www.securityfocus.com/bid/15835
http://www.vupen.com/english/advisories/2005/1251

Vulnerability Database

289,697

CVE-2005-2407