Opera Web Browser 5 Warning Dialogue Bypass Vulnerability

Opera Web Browser 5.02 (win32) is a free web browser. When a remote executable file is requested by the user (for example, by clicking on a link to download it), a warning dialogue is displayed asking whether the user wants to save the file to disk or open it. A checkboxed option, "Always ask when downloading files of this type", is checked and grayed over, implying that all future encounters with executable files will cause a similar warning to be displayed. In spite of this, the choice the user makes the first time a file of this sort is encountered dictates the behavior of the browser for all subsequente executable files. If the user chooses "Open file" (which executes it), all subsequently encountered executables (from any source) will be downloaded and run locally without user warning.


 

Privacy Statement
Copyright 2010, SecurityFocus