The wrong executable may be used to display a downloaded file in its folder – Opera Security Advisories

Severity

Low

Affected versions

This issue affects Opera for Microsoft Windows.

Description

Opera’s downloads manager allows users to select a file and open the folder containing that file. The file is then shown in its folder using the operating system’s file system viewer. In some cases, Opera will use the wrong executable when trying to show the folder view, and that executable may execute code of the attacker’s choice.

Several manual steps are needed to exploit the issue, requiring very significant social engineering. Steps include populating a folder on disk with an executable, starting Opera in a particular manner, downloading a file to a particular location and performing specific actions on that file.

Opera’s response

Opera Software has released Opera 11.01, where this issue has been fixed.

Credits

Thanks to Makoto Shiotsuki for reporting this issue.

Related external advisories

CVE-2011-0450