Opera Multiple Vulnerabilities

Last Update Date: 7 Dec 2011 14:26 Release Date: 7 Dec 2011 5801 Views

RISK: Medium Risk

Medium Risk

TYPE: Clients - Browsers

TYPE: Browsers

Multiple vulnerabilities have been reported in Opera, where one has an unknown impact and others can be exploited by malicious people to bypass certain security features, disclose potentially sensitive information, and hijack a user's session.

  1. An unspecified error exists. No further information is currently available.
  2. An error when applying domain restrictions to handle cookies and scripting context within some top level domains can be exploited by other sites in that top level domain to access cookies or communicate with scripts.
  3. A design error exists within the implementation of SSL 3.0 and TLS 1.0 protocols.
  4. An error when handling the JavaScript "in" operator while executing scripts can be exploited to bypass the cross-domain policy restriction and check for the existence of variables on other sites.

Impact

  • Security Restriction Bypass
  • Information Disclosure

System / Technologies affected

  • Opera 11.x

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

  • Update to version 11.60

Vulnerability Identifier

Source

Related Link

Share with

Previous

Blue Coat ProxyAV libpng Buffer Overflow Vulnerability

6 Dec 2011 5543 Views

Next

Foxit Reader Unspecified Memory Corruption Vulnerability

8 Dec 2011 5424 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY