CVE-2005-2405 Information

Description

Opera 8.01 when the \Arial Unicode MS\ font (ARIALUNI.TTF) is installed does not properly handle extended ASCII characters in the file download dialog box which allows remote attackers to spoof file extensions and possibly trick users into executing arbitrary code.

Reference

http://secunia.com/advisories/15870 http://securitytracker.com/id?1014592 http://www.opera.com/linux/changelogs/802/ http://www.securityfocus.com/bid/14402 http://www.vupen.com/english/advisories/2005/1251 https://exchange.xforce.ibmcloud.com/vulnerabilities/21784