CVE-2004-2659

CVE Database · CVE-2004-2659

CVE-2004-2659

· N/AModified

CVSS v3.1

N/A

EPSS

1.10%

Published

Dec 31, 2004

Modified

Apr 15, 2026

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Opera offers an Open button to verify that a user wishes to execute a downloaded file, which allows user-assisted remote attackers to construct a race condition that tricks a user into clicking Open via a request for a different mouse or keyboard action very shortly before the Open dialog appears. NOTE: this is a different issue than CVE-2005-2407.

Weaknesses (CWE)

CWE-362

Affected Products (2)

mozilla · mozillavulnerable

opera · opera_browservulnerable

References (4)

http://archives.neohapsis.com/archives/fulldisclosure/2004-07/0264.html

Broken LinkExploit

http://www.squarefree.com/2004/07/01/race-conditions-in-security-dialogs/

ExploitVendor Advisory

http://archives.neohapsis.com/archives/fulldisclosure/2004-07/0264.html

Broken LinkExploit

http://www.squarefree.com/2004/07/01/race-conditions-in-security-dialogs/

ExploitVendor Advisory

KEV Catalog EPSS Scores Vendors All CVEs