TITLE: Opera Default Application "kfmclient exec" Security Issue SECUNIA ADVISORY ID: SA13447 VERIFY ADVISORY: http://secunia.com/advisories/13447/ CRITICAL: Less critical IMPACT: System access WHERE: >From remote SOFTWARE: Opera 7.x http://secunia.com/product/761/ DESCRIPTION: Giovanni Delvecchio has discovered a security issue in Opera, which can be exploited by malicious people to compromise a user's system. The problem is that a file with an unknown MIME type by default is handled by "kfmclient exec". This can be exploited to execute shell commands by tricking a user into opening a malicious shortcut/launcher containing an "Exec" entry. Successful exploitation requires some user interaction. The issue has been confirmed on Opera 7.54u1 for Linux. Other versions may also be affected. Note: Opera for Windows is not affected. SOLUTION: Do not open files from untrusted sources via the "kfmclient exec" handler. PROVIDED AND/OR DISCOVERED BY: Giovanni Delvecchio ORIGINAL ADVISORY: http://www.zone-h.org/advisories/read/id=6503
If I am not mistaken... *** This bug has been marked as a duplicate of 74321 ***