Skip to main content

Opera Multiple Vulnerabilities

Last Update Date: 3 Aug 2012 13:29 Release Date: 3 Aug 2012 5442 Views

RISK: High Risk

TYPE: Clients - Browsers

TYPE: Browsers

Multiple vulnerabilities have been identified in Opera, which can be exploited by malicious people to conduct cross-site scripting attacks and compromise a user's system.

  1. An error when handling certain DOM elements can be exploited to bypass the HTML sanitizer and conduct cross-site scripting attacks.
  2. An error when handling certain HTML characters can be exploited to bypass the HTML sanitizer and conduct cross-site scripting attacks.
  3. An error when displaying the download dialog box within a small window can be exploited to download and execute a file by tricking a user into entering a specific keyboard sequence.

Impact

  • Cross-Site Scripting
  • Remote Code Execution

System / Technologies affected

  • Opera 11.x
  • Opera 12.x

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

  • Update to version 11.66 (Mac OS X only) or 12.01.

Vulnerability Identifier

  • No CVE information is available

Source


Related Link