New Search

DEPRECATED: Opera before 10.00 does not properly implement the INPUT TYPE=file functionality

oval:org.mitre.oval:def:5679

Opera before 10.00 on Linux Solaris and FreeBSD does not properly implement the "INPUT TYPE=file" functionality which allows remote attackers to trick a user into uploading an unintended file via vectors involving a "dropped file."

Family:
windows
Status:
DEPRECATED
Platform(s):
  • Microsoft Windows Vista
  • Microsoft Windows XP
Class:
vulnerability
Reference(s):
  • CVE-2009-3048
Product(s):
  • Opera Browser