Ravens PHP Scripts

Opera Multiple Vulnerabilities
Date: Thursday, February 21, 2008 @ 00:15:58 PST
Topic: Security


SECUNIA ADVISORY ID: SA29029

VERIFY ADVISORY: http://secunia.com/advisories/29029/

CRITICAL: Moderately critical

IMPACT: Security Bypass, Cross Site Scripting, Exposure of sensitive information

SOFTWARE:
Opera 5.x http://secunia.com/product/82/
Opera 6.x http://secunia.com/product/81/
Opera 7.x http://secunia.com/product/761/
Opera 8.x http://secunia.com/product/4932/
Opera 9.x http://secunia.com/product/10615/

DESCRIPTION: Some vulnerabilities have been reported in Opera, which can be exploited by malicious people to conduct cross-site scripting attacks, disclose sensitive information, or bypass certain security restrictions. The vulnerabilities are reported in versions prior to 9.26.

1) A design error in the handling of input to file form fields can potentially be exploited to trick a user into uploading arbitrary files. This is related to #3 in SA28758.

2) An error within the handling of custom comments in image properties can be exploited to execute arbitrary script code in the wrong security context when comments of a malicious image are displayed.

3) An error in the handling of attribute values when importing XML into a document can be exploited to bypass filters and conduct cross-site scripting attacks if these values are used as document content.

SOLUTION: Update to version 9.26 - http://www.opera.com/download/

PROVIDED AND/OR DISCOVERED BY: The vendor credits:
1) Mozilla
2) Max Leonov
3) Arnaud

ORIGINAL ADVISORY: Opera:
http://www.opera.com/support/search/view/877/
http://www.opera.com/support/search/view/879/
http://www.opera.com/support/search/view/880/

OTHER REFERENCES: SA28758: http://secunia.com/advisories/28758/






This article comes from Ravens PHP Scripts
http://www.ravenphpscripts.com

The URL for this story is:
http://www.ravenphpscripts.com/modules.php?name=News&file=article&sid=3247