A vulnerability has been reported in Opera that may allow files to be misrepresented to client users. The reported vulnerability involves specifying the CLSID for HTML applications in the name of a malicious file, followed by another file name and extension. This issue could be exploited to disguise executable content in the form of an HTML application (HTA) file as a file type that may appear innocuous to a victim user, such as a media file. The file will appear to be of an attacker-specified type in the file download dialog presented to the user. The user may then download or open that file under the assumption that it is safe, which could result in execution of malicious code on the client system in the context of the victim user. A proof-of-concept was released that creates an embedded web interface to play a media file, which could further convince the user to open the malicious HTML application. Opera 7.x versions have been reported to be prone to this issue; however, other versions could be affected as well.
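A gateway or download handler can refuse to trust any server-supplied file name that carries a brace-enclosed CLSID, whatever extension follows it. The check below is an added example, not code from the advisory or from Opera; the function name, the sample names and the all-zero CLSID are constructed placeholders.

```python
import re
from urllib.parse import unquote

# A CLSID in registry notation: {8-4-4-4-12 hex digits}.
CLSID_RE = re.compile(
    r"\{[0-9a-fA-F]{8}-(?:[0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}\}"
)


def inspect_download_name(raw_name):
    """Flag a server-supplied file name that embeds a CLSID.

    Returns a dict with:
      suspicious   - True if any CLSID was found in the name
      clsids       - the CLSID strings found, for logging
      display_name - the name with every CLSID removed, safe to show
    """
    # Decode percent-escapes first so %7B...%7D cannot hide the braces.
    name = unquote(raw_name)
    # Keep only the last path component; directories are never trusted.
    name = re.split(r"[\\/]", name)[-1]
    hits = CLSID_RE.findall(name)
    # Drop the CLSIDs, then collapse the dots they leave behind.
    cleaned = CLSID_RE.sub("", name)
    cleaned = re.sub(r"\.{2,}", ".", cleaned).strip(". ")
    return {
        "suspicious": bool(hits),
        "clsids": hits,
        "display_name": cleaned or "download",
    }


if __name__ == "__main__":
    # Constructed sample names; the CLSID is an all-zero placeholder.
    samples = [
        "report.pdf",
        "holiday.{00000000-0000-0000-0000-000000000000}clip.mpg",
        "holiday.%7B00000000-0000-0000-0000-000000000000%7Dclip.mpg",
    ]
    for s in samples:
        print(s, "->", inspect_download_name(s))
```

A name flagged as suspicious is best rejected or quarantined; the cleaned `display_name` is for the log entry or the warning shown to the user.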