Opera Multiple Vulnerabilities
Last Update Date:
3 Aug 2012 13:29
Release Date:
3 Aug 2012
5442
Views
RISK: High Risk
TYPE: Clients - Browsers
Multiple vulnerabilities have been identified in Opera, which can be exploited by malicious people to conduct cross-site scripting attacks and compromise a user's system.
- An error when handling certain DOM elements can be exploited to bypass the HTML sanitizer and conduct cross-site scripting attacks.
- An error when handling certain HTML characters can be exploited to bypass the HTML sanitizer and conduct cross-site scripting attacks.
- An error when displaying the download dialog box within a small window can be exploited to download and execute a file by tricking a user into entering a specific keyboard sequence.
Impact
- Cross-Site Scripting
- Remote Code Execution
System / Technologies affected
- Opera 11.x
- Opera 12.x
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- Update to version 11.66 (Mac OS X only) or 12.01.
Vulnerability Identifier
- No CVE information is available
Source
Related Link
Share with