Severity Highly Severe Problem Description Scripts are able to change the addresses of framed pages that come from the same site. Due to a flaw in the way that Opera checks what frames can be changed, a site can change the address of frames on other sites inside any window that it has opened. This…
Severity Extremely Severe Problem Description When Opera is registered as a handler for a given protocol, it can be started by external applications. In some cases, being started in this way can cause Opera to crash. To inject code, additional techniques will have to be employed. Affected versions This vulnerability affects Opera for Microsoft Windows.…
Severity Extremely Severe Problem Description When an application attempts to access a URL that uses a protocol that it does not understand, it may choose to pass the URL to a registered handler for that protocol. If that registered handler is Opera, it will be started, passing the URL to open. Some external applications do not…
Severity Extremely Severe Problem Description A specially crafted JPEG header can cause Opera to crash, allowing execution of arbitrary code. Opera’s Response Opera Software has released Opera 9.26, where this issue has been fixed.
Severity Moderately severe Problem description There is a flaw in the way that certain canvas functions are handled, that can cause the canvas to be painted with very small amounts of data constructed from random memory. The resulting canvas image can be read and analyzed by JavaScript, so an attacker can get random samples of…
Severity Moderately Severe Problem Description HTML CANVAS elements can use scaled images as patterns. With suitable scaling manipulation of the image, a script can cause Opera to crash. This crash can sometimes cause memory corruption. To inject code, additional techniques will have to be employed. Opera’s Response Opera Software has released Opera 9.27 with a…
Severity Highly Severe Problem Description When Opera encounters a newsfeed source on a Web page, it prompts to add the source as a newsfeed. A script can manipulate the feed source in a way that can cause Opera to crash. The crash is caused by an erroneous memory access. To inject code, additional techniques will…
Severity Moderately Severe Problem Description When XML is imported into a document, its attribute values are not correctly presented to the DOM. This can allow their values to bypass sanitization filters. If these values are used as document content, they may in some cases allow scripts to be inserted. Opera’s Response Opera Software has released…
Severity Highly Severe Problem Description Image properties can contain custom comments. When displaying the image properties, Opera can be tricked into treating the comments as script. This can cause the script to be run in the wrong security context. Opera’s Response Opera Software has released Opera 9.26, where this issue has been fixed. Credits Thanks…
Severity: Moderately Severe Problem Description When a user types into a file input, scripts can cause some of the keystrokes to be ignored. If the script can convince the user that they are typing into a normal text input, and not let them see that their keystrokes are being ignored, it can cause the input…
