Ravens PHP Scripts

Opera Multiple Vulnerabilities
Date: Friday, October 10, 2008 @ 01:42:01 CEST
Topic: Security


SECUNIA ADVISORY ID: SA32177

VERIFY ADVISORY: http://secunia.com/advisories/32177/

CRITICAL: Highly critical

IMPACT: Security Bypass, Exposure of system information, Exposure of sensitive information, DoS, System access

SOFTWARE:
Opera 5.x - http://secunia.com/advisories/product/82/
Opera 6.x - http://secunia.com/advisories/product/81/
Opera 7.x - http://secunia.com/advisories/product/761/
Opera 8.x - http://secunia.com/advisories/product/4932/
Opera 9.x - http://secunia.com/advisories/product/10615/

DESCRIPTION: Some vulnerabilities have been reported in Opera, which can be exploited by malicious people to bypass certain security restrictions, disclose potentially sensitive information, or potentially compromise a user's system.



1) An unspecified error can be exploited to potentially execute arbitrary code via a web page that redirects the browser to a specially crafted URL.

2) An error in the caching of Java applets can be exploited to load a cached applet in the context of the local machine and e.g. read restricted cache files.

SOLUTION: Update to version 9.6. - http://www.opera.com/download/

PROVIDED AND/OR DISCOVERED BY:
The vendor credits:
1) Chris of Matasano Security
2) Nate McFeters

ORIGINAL ADVISORY:
http://www.opera.com/support/search/view/901/
http://www.opera.com/support/search/view/902/






This article comes from Ravens PHP Scripts
http://www.ravenphpscripts.com

The URL for this story is:
http://www.ravenphpscripts.com/modules.php?name=News&file=article&sid=3470