Opera Multiple Vulnerabilities
RISK: Medium Risk
Multiple vulnerabilities have been identified in Opera, which could allow attackers to gain knowledge of certain information, manipulate data or execute arbitrary code.
1. An error when handling CSS files, which could allow cross domain scripting attacks.
2. An error when manipulating the window, which could cause the wrong part of the Web page address to be displayed in the Address Bar and allows attackers to spoof the page address.
3. An error when handling reloads and redirects, which could allow spoofing and cross-site scripting, or the modification of Opera's configuration and execution of arbitrary code with minimal user interaction.
4. The browser not checking a video's origin correctly which could allow attackers to intercept video streams.
5. An issue when displaying error pages along with a link to the invalid URL, which could allow cross domain scripting attacks by convincing a user to interact with a specially crafted error page.
Impact
- Cross-Site Scripting
- Remote Code Execution
- Spoofing
System / Technologies affected
- Opera version 10.62 and prior
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- Upgrade to Opera version 10.63 :
http://www.opera.com/browser/
Vulnerability Identifier
- No CVE information is available
Source
Related Link
Share with