The remote host is using Opera - an alternative web browser. This version of Opera is vulnerable to a file corruption vulnerability. This issue is exposed when a user is presented with a file dialog, which will cause the creation of a temporary file. It is possible to specify a relative path to another file on the system using directory traversal sequences when the download dialog is displayed. If the client user has write permissions to the attacker-specified file, it will be corrupted. This could be exploited to delete sensitive files on the systems.
Install Opera 7.23 or newer.
- MS IE Information Disclosure and Web Site Spoofing Vulnerabilities
- Microsoft Windows Fraudulent Digital Certificates Spoofing Vulnerability
- Microsoft RDP Server Private Key Information Disclosure Vulnerability
- Opera web browser address bar spoofing weakness (2)
- Microsoft Update to Improve Cryptography and Digital Certificate Handling (2854544)