advisory Archives - Opera Security Corner

Replaced code signing certificate – Opera Security Advisories

OPCOM Team | 2013-07-04

Severity None Description Opera Software recently experienced an attack on the internal infrastructure. Following best practices, Opera Software is replacing signing certificates in Opera with newly issued certificates. Certificates in Opera include the code signing certificate for desktop binaries and the signing certificate for automatic updates to browser.js. Opera‘s rootstore was not affected by the…

Cookies can be set for a top-level domain – Opera Security Advisories

OPCOM Team | 2013-04-04

Low

RC4 encryption protocol is vulnerable to certain brute force attacks – Opera Security Advisories

OPCOM Team | 2013-04-04

Low

CORS requests can omit the preflight request – Opera Security Advisories

OPCOM Team | 2013-01-29

Low

TLS response timings can indicate network contents – Opera Security Advisories

OPCOM Team | 2013-01-29

Low

Use of SVG clipPaths can allow execution of arbitrary code – Opera Security Advisories

OPCOM Team | 2013-01-29

High

DOM events manipulation might be used to execute arbitrary code – Opera Security Advisories

OPCOM Team | 2013-01-29

High

Carefully timed redirects can allow cross site scripting – Opera Security Advisories

OPCOM Team | 2012-12-20

High

Repeated attempts to access a target site can trigger address field spoofing – Opera Security Advisories

OPCOM Team | 2012-12-17

Low

Private data can be disclosed to other computer users, or be modified by them – Opera Security Advisories

OPCOM Team | 2012-12-17

High