- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 23291
- Проверка EDB
-
- Пройдено
- Автор
- MINDWARPER
- Тип уязвимости
- REMOTE
- Платформа
- MULTIPLE
- CVE
- N/A
- Дата публикации
- 2003-10-24
Код:
source: https://www.securityfocus.com/bid/8887/info
A flaw in the Opera web browsers security model has been discovered that could allow an attacker to access a users filesystem within the Local Zone. The problem occurs when handling malformed HTML iframes which point to local system locations. Exploitation of this vulnerability could result in the exposure of sensitive data or could potentially lead to the corruption of system critical files.
**UPDATE: The vendor has contacted Symantec and has stated that this is not a vulnerability. Symantec has not been able to reproduce the claims made by the individual who reported this issue. This record is being retired, though it may be re-activated if further findings confirm existence of the vulnerability.
<iframe name="abc" src="file:///C:/"></iframe>
- Источник
- www.exploit-db.com