Skip to main content

Opera Multiple Vulnerabilities

Last Update Date: 15 Jun 2012 17:16 Release Date: 15 Jun 2012 5188 Views

RISK: Medium Risk

TYPE: Clients - Browsers

TYPE: Browsers

Multiple vulnerabilities have been identified in Opera, which can be exploited by malicious people to conduct spoofing attacks and bypass certain security restrictions.

  1. An error when displaying preferences within a small window can be exploited to e.g. execute arbitrary code by tricking a user into entering a specific keyboard sequence.
  2. An error when displaying pop-up windows can be exploited to execute script code by tricking a user into following a specific sequence of events.
  3. An error when handling JSON resources can be exploited to bypass the cross-domain policy restriction and disclose certain information to other sites.
  4. An unspecified error can be exploited to display arbitrary content while showing the URL of a trusted web site in the address bar.
  5. An error when handling page loads can be exploited to display arbitrary content while showing the URL of a trusted web site in the address bar.

Impact

  • Security Restriction Bypass
  • Spoofing

System / Technologies affected

  • Opera 11.x

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

  • Upgrade to version 12 or update to version 11.65 for Mac.

Vulnerability Identifier

  • No CVE information is available

Source


Related Link