Opera: >> Opera Browser >> 7.23 Security Vulnerabilities
Opera allows remote attackers to bypass intended cookie access restrictions on a web application via "%2e%2e" (encoded dot dot) directory traversal sequences in a URL, which causes Opera to send the cookie outside the specified URL subsets, e.g. to a vulnerable application that runs on the same server as the target application.
CVSS Score
7.5
EPSS Score
0.003
Published
2004-04-15
Opera Web Browser 7.0 through 7.23 allows remote attackers to trick users into executing a malicious file by embedding a CLSID in the file name, which causes the malicious file to appear as a trusted file type, aka "File Download Extension Spoofing."
CVSS Score
2.6
EPSS Score
0.011
Published
2004-02-11
Page 24