Secunia reports:
Secunia Research has discovered a vulnerability in Opera,
which can be exploited by malicious people to trick
users into executing malicious files.
The vulnerability is caused due to the filename and
the "Content-Type" header not being sufficiently validated
before being displayed in the file download dialog.
This can be exploited to spoof file types in the download dialog
by passing specially crafted "Content-Disposition" and "Content-Type"
headers containing dots and ASCII character code 160.
Secunia Research has reported a vulnerability in Opera,
which can be exploited by malicious people to spoof the content of websites.
The problem is that a website can inject content into another
site's window if the target name of the window is known.
This can e.g. be exploited by a malicious website to spoof the content of
a pop-up window opened on a trusted website.