Opera Multiple Vulnerabilities
Last Update Date:
15 Jun 2012 17:16
Release Date:
15 Jun 2012
5234
Views
RISK: Medium Risk
TYPE: Clients - Browsers
Multiple vulnerabilities have been identified in Opera, which can be exploited by malicious people to conduct spoofing attacks and bypass certain security restrictions.
- An error when displaying preferences within a small window can be exploited to e.g. execute arbitrary code by tricking a user into entering a specific keyboard sequence.
- An error when displaying pop-up windows can be exploited to execute script code by tricking a user into following a specific sequence of events.
- An error when handling JSON resources can be exploited to bypass the cross-domain policy restriction and disclose certain information to other sites.
- An unspecified error can be exploited to display arbitrary content while showing the URL of a trusted web site in the address bar.
- An error when handling page loads can be exploited to display arbitrary content while showing the URL of a trusted web site in the address bar.
Impact
- Security Restriction Bypass
- Spoofing
System / Technologies affected
- Opera 11.x
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- Upgrade to version 12 or update to version 11.65 for Mac.
Vulnerability Identifier
- No CVE information is available
Source
Related Link
Share with