advisory Archives - Opera Security Corner

Bypass a restriction in OfA 54 – Opera Security Advisories

Mariusz Kondratowicz | 2019-12-13

CVE ID: CVE–2019–19788PRODUCT: Opera for AndroidVERSION: Below 54.0.2669.49432PROBLEM TYPE: Bypass a restriction or similarDESCRIPTION: Opera for Android before 54.0.2669.49432 is vulnerable to a sandboxed cross–origin iframe bypass attack. By using a service working inside a sandboxed iframe it is possible to bypass the normal sandboxing attributes. This allows an attacker to make forced redirections without…

Replaced code signing certificate – Opera Security Advisories

OPCOM Team | 2013-07-04

Severity None Description Opera Software recently experienced an attack on the internal infrastructure. Following best practices, Opera Software is replacing signing certificates in Opera with newly issued certificates. Certificates in Opera include the code signing certificate for desktop binaries and the signing certificate for automatic updates to browser.js. Opera‘s rootstore was not affected by the…

Category Archives: advisory

Bypass a restriction in OfA 54 – Opera Security Advisories

Replaced code signing certificate – Opera Security Advisories

Cookies can be set for a top-level domain – Opera Security Advisories

RC4 encryption protocol is vulnerable to certain brute force attacks – Opera Security Advisories

CORS requests can omit the preflight request – Opera Security Advisories

TLS response timings can indicate network contents – Opera Security Advisories

Use of SVG clipPaths can allow execution of arbitrary code – Opera Security Advisories

DOM events manipulation might be used to execute arbitrary code – Opera Security Advisories

Carefully timed redirects can allow cross site scripting – Opera Security Advisories

Repeated attempts to access a target site can trigger address field spoofing – Opera Security Advisories