File Upload Vulnerability in Opera Browser Versions 6.0.1 and 6.0.2
CVE-2002-0898

Currently unrated

Key Information:

Vendor: Opera Software
Status: Opera Web Browser
Vendor: CVE Published:; 4 October 2002

🔔 Create Opera Software Vulnerability Alert

What is CVE-2002-0898?

Opera versions 6.0.1 and 6.0.2 are susceptible to a vulnerability that permits a remote web site to upload arbitrary files from a client's system without any prompt. This occurs through a compromised file input field, where the field's value includes a newline. As a result, attackers can potentially exploit this flaw to gain unauthorized access to sensitive files on the user's device, representing a significant security risk.

References

http://marc.info/?l=ntbugtraq&m=102256058220402&w=2

mailing-listx_refsource_NTBUGTRAQ

http://online.securityfocus.com/archive/1/274202

mailing-listx_refsource_BUGTRAQ

http://www.iss.net/security_center/static/9188.php

vdb-entryx_refsource_XF

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 4, 2002
Vulnerability Reserved
Aug 16, 2002