Opera Multiple Vulnerabilities
Last Update Date:
7 Nov 2012 12:53
Release Date:
7 Nov 2012
5459
Views
RISK: Medium Risk
TYPE: Clients - Browsers
Multiple vulnerabilities have been identified in Opera, where some have unknown impacts and other can be exploited by malicious people to conduct cross-site scripting attacks, bypass certain security restrictions, and compromise a user's system.
- An unspecified error when handling CORS (Cross-Origin Resource Sharing) requests can be exploited to bypass the same origin policy and e.g. disclose sensitive information from another domain.
- An error when handling Data URIs can be exploited to conduct cross-site scripting attacks.
- An error when handling SVG images can be exploited to execute arbitrary code.
Impact
- Cross-Site Scripting
- Security Restriction Bypass
System / Technologies affected
- Opera versions prior to 12.10.
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- Update to version 12.10.
Vulnerability Identifier
- No CVE information is available
Source
Related Link
Share with