Opera Browser Code Execution and Security Bypass Vulnerabilities

Last Update Date: 28 Jan 2011 Release Date: 18 Dec 2008 4756 Views

RISK: Medium Risk

Medium Risk

Multiple vulnerabilities have been identified in Opera, which could be exploited by attackers to bypass security restrictions, disclose sensitive information, cause a denial of service or compromise a vulnerable system.

1. A buffer overflow error when handling certain text-area contents, which could be exploited to execute arbitrary code.

2. A memory corruption error when processing certain HTML constructs, which could be exploited to cause a crash or execute arbitrary code.

3. An input validation error in the feed preview feature when processing URLs, which could be exploited to inject malicious script.

4. An error in the built-in XSLT templates that incorrectly handle escaped content, which could be exploited to inject scripted markup.

5. An unspecified error which could be exploited to reveal random data.

6. An error when processing SVG images embedded using "img" tags, which can be exploited to execute Java or plugin content.

Impact

  • Denial of Service
  • Security Restriction Bypass
  • Information Disclosure

System / Technologies affected

  • Opera versions prior to 9.63

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

Vulnerability Identifier

  • No CVE information is available

Source

Related Link

Share with

Previous

Adobe Flash Player for Linux Remote Code Execution Vulnerability

18 Dec 2008 4757 Views

Next

Mozilla Products Code Execution and Security Bypass Vulnerabilities

18 Dec 2008 5093 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY