Opera Web Browser CLSID File Extension Misrepresentation Vulnerability

BID:9640

Info

Bugtraq ID: 9640
Class: Design Error
CVE:
Remote: Yes
Local: No
Published: Feb 11 2004 12:00AM
Updated: Feb 11 2004 12:00AM
Credit: This issue was published in an advisory released by Secunia <http://www.secunia.com>.
Vulnerable: Opera Software Opera Web Browser 7.23
Opera Software Opera Web Browser 7.22
Opera Software Opera Web Browser 7.21
Opera Software Opera Web Browser 7.20 Beta 1 build 2981
Opera Software Opera Web Browser 7.20
Opera Software Opera Web Browser 7.11 j
Opera Software Opera Web Browser 7.11 b
Opera Software Opera Web Browser 7.11
Opera Software Opera Web Browser 7.10
Opera Software Opera Web Browser 7.0 win32 Beta 2
Opera Software Opera Web Browser 7.0 win32 Beta 1
Opera Software Opera Web Browser 7.0 win32
Opera Software Opera Web Browser 7.0 3win32
Opera Software Opera Web Browser 7.0 2win32
Opera Software Opera Web Browser 7.0 1win32
Not Vulnerable:

Discussion

A vulnerability has been reported in Opera that may allow files to be misrepresented to client users. The reported vulnerability involves specifying the CLSID for HTML applications in the name of a malicious file, followed by another file name and extension.

This issue could be exploited to disguise executable content in the form of an HTML application (HTA) file as a file type that may appear innocuous to a victim user, such as a media file. The file will appear to be of an attacker-specified type in the file download dialog presented to the user. The user may then download/open that file under the assumption it is safe, which could result in execution of malicious code on the client system in the context of the victim user. A proof-of-concept was released which creates an embedded web interface to play a media file, which could further convince the user to open the malicious HTML application.

Opera versions 7.x have been reported to be prone to this issue; however, other versions could be affected as well.
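
An added example, not part of the original advisory: a Python check that a proxy or download filter could apply, flagging any offered file name that embeds a brace-delimited CLSID no matter which extension appears at the end. It is broader than the HTA case described above (any CLSID is flagged); the function names, URLs and the all-zero placeholder CLSID are constructed for illustration.

```python
import re
from email.message import Message
from urllib.parse import unquote, urlsplit

# A COM class identifier in registry form: {8-4-4-4-12 hex digits}.
CLSID_RE = re.compile(
    r"\{[0-9a-fA-F]{8}-(?:[0-9a-fA-F]{4}-){3}[0-9a-fA-F]{12}\}"
)

# Constructed placeholder, not a registered class.
PLACEHOLDER = "{00000000-0000-0000-0000-000000000000}"

# Constructed sample downloads: (URL, Content-Disposition header or None).
SAMPLES = [
    ("http://media.example/clips/holiday.mpeg", None),
    ("http://media.example/get?id=7",
     'attachment; filename="clip.%sholiday.mpeg"' % PLACEHOLDER),
    ("http://media.example/clip.%7B00000000-0000-0000-0000-000000000000"
     "%7Dholiday.mpeg", None),
]


def offered_filename(url, content_disposition=None):
    """Return the name a download dialog would be built from."""
    if content_disposition:
        msg = Message()
        msg["Content-Disposition"] = content_disposition
        name = msg.get_filename()
        if name:
            return name
    # No usable header: use the last URL path segment, percent-decoded,
    # so an encoded "%7B...%7D" is compared in the same form as "{...}".
    return unquote(urlsplit(url).path.rsplit("/", 1)[-1])


def check_download(url, content_disposition=None):
    """Return (filename, apparent_extension, suspicious)."""
    name = offered_filename(url, content_disposition)
    apparent_ext = name.rsplit(".", 1)[-1].lower() if "." in name else ""
    # A CLSID anywhere in the name means the trailing extension cannot
    # be trusted to describe how the file will be handled.
    return name, apparent_ext, bool(CLSID_RE.search(name))


if __name__ == "__main__":
    for url, header in SAMPLES:
        print(check_download(url, header))
```
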

Exploit / POC

A proof of concept can be found at the following location:
http://secunia.com/Internet_Explorer_File_Download_Extension_Spoofing_Test/

Solution / Fix

Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
