Summary
The remote host is using Opera - an alternative web browser.
This version of Opera is vulnerable to a file corruption vulnerability.
This issue is exposed when a user is presented with a file dialog, which will cause the creation of a temporary file.
It is possible to specify a relative path to another file on the system using directory traversal sequences when the download dialog is displayed.
If the client user has write permissions to the attacker-specified file, it will be corrupted.
This could be exploited to delete sensitive files on the systems.
Solution
Install Opera 7.23 or newer.
Severity
Classification
-
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N
Related Vulnerabilities
- Microsoft RDP Server Private Key Information Disclosure Vulnerability
- Microsoft .NET Framework Security Bypass Vulnerability
- Opera remote location object cross-domain scripting vulnerability
- Mozilla/Firefox security manager certificate handling DoS
- Microsoft Windows Server 2003 win32k.sys DoS Vulnerability