CVE-2005-2407
Opera Browser < 8.01 - Arbitrary Code Execution via Window Overlay
Title source: llmDescription
A design error in Opera 8.01 and earlier allows user-assisted attackers to execute arbitrary code by overlaying a malicious new window above a file download dialog box, then tricking the user into double-clicking on the "Run" button, aka "link hijacking".
References (6)
Core 6
Core References
Broken Link, Patch x_refsource_confirm
http://www.opera.com/linux/changelogs/802/
Broken Link vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2005/1251
Broken Link x_refsource_misc
http://secunia.com/secunia_research/2005-19/advisory/
Broken Link, Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/15835
Broken Link, Patch, Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/15781
Broken Link, Third Party Advisory, VDB Entry vdb-entry
x_refsource_sectrack
http://securitytracker.com/id?1015353
Scores
EPSS
0.0111
EPSS Percentile
78.4%
Details
CWE
CWE-1021
Status
published
Products (1)
opera/opera_browser
< 8.01
Published
Aug 01, 2005
Tracked Since
Feb 18, 2026