- File deletion in Opera -
Oxygen3 24h-365d, by Panda Software (http://www.pandasoftware.com)
Madrid, December 15 2003 - SecurityTracker has reported - at
http://www.securitytracker.com/alerts/2 ... 08460.html - a
vulnerability affecting Opera that could allow files to be deleted on local
This security problem stems from the fact that when the browser displays a
download dialog, the browser creates a file in the temporary directory based
on the name of the file to be downloaded. However, the browser does not
validate the filename, and this could allow a directory traversal.
Because of this vulnerability, it could be possible to create a specially
modified file name as part of the URL so that when the user opens the
download dialog box, the files are overwritten and deleted. The only files
potentially affected are those on which the user has write-permission.
Users with systems that could be affected are advised to install Opera
version 7.23 build 3227.
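The flaw class described above, as an added example that is not Opera's code and not part of the original bulletin: a temporary path built from an unchecked download name, beside a version that keeps only the last path component and verifies containment. The function names, the temp directory, the fallback name and the sample filenames are all constructed for illustration.

```python
import os
from urllib.parse import unquote

def naive_temp_path(temp_dir, url_filename):
    """Pattern the bulletin describes: the name from the URL is used unchecked."""
    return os.path.join(temp_dir, unquote(url_filename).replace("\\", "/"))

def is_inside(temp_dir, path):
    """True if path, once normalised, still lies under temp_dir."""
    base = os.path.realpath(temp_dir)
    target = os.path.realpath(path)
    return os.path.commonpath([base, target]) == base

def safe_temp_path(temp_dir, url_filename):
    """Keep only the last path component, then verify containment."""
    # Decode first, so encoded separators are seen before the split.
    decoded = unquote(url_filename).replace("\\", "/")
    leaf = decoded.rsplit("/", 1)[-1].strip()
    if leaf in ("", ".", "..") or "\x00" in leaf:
        leaf = "download.tmp"  # hypothetical fallback name
    candidate = os.path.join(temp_dir, leaf)
    if not is_inside(temp_dir, candidate):
        raise ValueError("filename escapes the temporary directory")
    return candidate

# Constructed sample names, as they might arrive in a download URL.
SAMPLES = [
    "report.pdf",
    "..%5C..%5Cdocs%5Cnotes.txt",
    "../../etc/hosts.bak",
    "..",
]

def audit(temp_dir="/tmp/browser-cache"):
    """Return (name, naive path stays inside?, sanitised path) per sample."""
    rows = []
    for name in SAMPLES:
        naive = naive_temp_path(temp_dir, name)
        rows.append((name, is_inside(temp_dir, naive),
                     safe_temp_path(temp_dir, name)))
    return rows

if __name__ == "__main__":
    for name, naive_ok, safe in audit():
        print(f"{name!r:32} naive inside temp dir: {naive_ok!s:5} safe: {safe}")
```

The containment check after sanitising is deliberate defence in depth: it still holds if the name-reduction step is later changed or bypassed.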