<a href="http://g.adspeed.net/ad.php?do=clk&zid=14678&wd=728&ht=90&pair=as" target="_top"><img style="border:0px;" src="http://g.adspeed.net/ad.php?do=img&zid=14678&wd=728&ht=90&pair=as" alt="i" width="728" height="90"/></a>

Nmap Security Scanner

Docs
Security Lists

Full Disclosure

More
Security Tools

Packet crafters

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

edgeos network security services platform

Bugtraq: File downloads in Opera at known locations

File downloads in Opera at known locations

From: Rohit Dube <rohit_at_kritikalsolutions.com>
Date: Thu, 29 Jul 2004 11:38:31 +0530

Hi,
This is just a question. While using opera, I observed that as soon as it
prompts you for file download, it simultaneously starts the download with
same file extension in its %USERPROFILE/application data/opera/cache. Even
if the user afterwards chooses cancel, this temporary file does not get
deleted. So if the file size was very small, it will get downloaded
completely. Reported this to opera and they are convinced this is not a
problem (bugid 148412). They do not have problems such as directory
traversal causing file dropping in user startup etc.
Is this a problem? Can this be used in conjunction with some other
vulnerability to get access to the system?

Thanx
Rohit Dube

----The reader this message encounters not failing to understand is
cursed.----
Received on Jul 29 2004

This message: [ Message body ]
Next message: Rubén Molina: "Jaws 0.4: authentication bypass"
Previous message: Rubén Molina: "DansGuardian Hex Encoding URL Banned Extension Filter Bypass Vulnerability"
Next in thread: Josh Tolley: "Re: File downloads in Opera at known locations"
Reply: Josh Tolley: "Re: File downloads in Opera at known locations"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]