Category Archives: advisory

History Search can be used to execute arbitrary code – Opera Security Advisories

Severity: Extremely Severe. Problem Description: When certain parameters are passed to Opera’s History Search, they can cause content not to be correctly sanitized. This can allow scripts to be injected into the History Search results page. Such scripts can then run with elevated privileges and interact with Opera’s configuration, allowing them to execute arbitrary code. Note:…

Fast Forward can allow cross-site scripting – Opera Security Advisories

Severity: Highly Severe. Platforms: All desktop versions. Problem Description: If a link that uses a JavaScript URL triggers Opera’s Fast Forward feature, when the user activates Fast Forward, the script should run on the current page. When a page is held in a frame, the script is incorrectly executed on the outermost page, not the…

History Search can reveal browsing history – Opera Security Advisories

Severity: Extremely Severe. Platforms: All desktop versions. Problem Description: Certain constructs are not escaped correctly by Opera’s History Search results. These can be used to inject scripts into the page, which can then be used to look through the user’s browsing history, including the contents of the pages they have visited. These may contain sensitive…

Specially crafted addresses can execute arbitrary code – Opera Security Advisories

Severity: Extremely Severe. Problem Description: If a malicious page redirects Opera to a specially crafted address (URL), it can cause Opera to crash. Given sufficient address content, the crash could cause execution of code controlled by the attacking page. Opera’s Response: Opera Software has released Opera 9.60, where this issue has been fixed. Credits: Thanks…

Feed links can link to local files – Opera Security Advisories

Severity: Less Severe. Problem Description: As a security precaution, Opera does not allow Web pages to link to files on the user’s local disk. However, a flaw exists that allows Web pages to link to feed source files on the user’s computer. Suitable detection of JavaScript events and appropriate manipulation can unreliably allow a script…

Insecure pages can show incorrect security information – Opera Security Advisories

Severity: Less Severe. Problem Description: When insecure pages load content from secure sites into a frame, they can cause Opera to incorrectly report the insecure site as being secure. The padlock icon will incorrectly be shown, and the security information dialog will state that the connection is secure, but without any certificate information. Opera’s Response…

Custom shortcuts can pass the wrong parameters to applications – Opera Security Advisories

Severity: Moderately Severe. Problem Description: Custom shortcut and menu commands can be used to activate external applications. In some cases, the parameters passed to these applications are not prepared correctly, and may be created from uninitialized memory. These may be misinterpreted as additional parameters, and depending on the application, this could allow execution of arbitrary…