Severity High Description Internal opera: URLs which may be used to modify the Opera configuration have some intentional restrictions that are designed to mitigate possible clickjacking attacks. Certain manipulations can trick Opera into bypassing those restrictions, which would then allow clickjacking attacks to be carried out. Opera’s response Opera Software has released Opera 11.01, where…
Severity Critical Description When certain large form inputs appear on a web page, they can cause Opera to crash. In some cases, the crash can lead to memory corruption, which could be used to execute code. To inject code, additional techniques will have to be employed. Opera’s response Opera Software has released Opera 11.01, where…
Severity High Description Various unexpected DOM manipulations can cause Opera to crash. In some cases, these crashes can occur in a way that allows execution of arbitrary code. To inject code, additional techniques may have to be employed. Opera’s response Opera Software has released Opera 11.00, where several related crashes have been fixed. Credits Thanks…
Affected versions This vulnerability may be targeted through Opera for Windows. Severity Critical Description A flaw in the font handling on the Windows operating system has been fixed by Microsoft – see bulletins MS10-091 and MS10-063. On unpatched systems, Web fonts may be used to exploit this issue through Opera. Opera’s response Opera urgently recommends…
Severity Moderate Description Dialogs such as the security information dialog and download dialog are displayed over the top of the webpage content. In some cases, webpage content will be incorrectly displayed on top of the dialogs, or over parts of the dialogs. This content can then display misleading security information, which may be used to…
Severity Low Description When accepting user input in form fields on a WAP page, WML requires that the input contents are remembered, and used to populate every further input sharing the same name. This should continue as long as the user continues to click links (known as a WAP session), even populating similarly named inputs…
Severity Moderate Description If Opera is sent to an invalid URL, an error page will be displayed along with a link to the URL. The URL linked to might run scripts, and in some cases these scripts might be run in the wrong security context. This can be used to execute scripts in the context…
Severity Moderate Description Video content may be used as filler content for a HTML5 canvas, if the video format is natively supported by Opera. If the video and page are from the same site, the content of the canvas can be safely read out by scripts. In some cases, Opera does not check the video’s…
Severity Critical Description Scripts on a page are supposed to be restricted so that they can only interact with other pages from the same domain and security context. Carefully timed reloads and redirects, when combined with appropriate caching, can cause scripts to execute in the wrong security context in Opera. This allows cross site scripting…
Severity Low Description Web page scripts can be used to alter the size of the browser window. In some cases, this manipulation can cause the wrong part of the Web page address to be displayed in the Address Bar, so that the part that is initially visible to the user is not the start of…
