Denial of service in Opera

Posted: November 8, 2012 in Vulnerabilities
Tags: , , , , ,

Opera Alert

Denial of service in Opera

Vulnerability: Denial of service in Opera

Danger: High
Patch: Yes
Quantity of vulnerabilities: 5

Impact:
– Cross-site scripting;
– Security Bypass;
– System compromise.

Be exploited: No Information
Affected products: Opera 12.x

Affected versions: Opera versions until 12.10

Description:

Which can be exploited by malicious people to execute arbitrary code on the target system.

1. An unspecified error when processing CORS (Cross-Origin Resource Sharing) requests. A remote user can bypass the same-origin policy and reveal important information.

2. An error in the processing of Data URI. This can be exploited to carry out cross-site scripting attack.

3. An unspecified error. Details were not disclosed.

4. An error in the processing of SVG images. A remote user can execute arbitrary code on the target system.

5. The vulnerability is caused due to an unspecified error. Details were not disclosed.

Solution: To install the product vulnerabilities 12.10 version from the manufacturer.

Links:

http://www.opera.com/docs/changelogs/unified/1210/
http://www.opera.com/support/kb/view/1030/
http://www.opera.com/support/kb/view/1031/
http://www.opera.com/support/kb/view/1033/

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s