History Search can be used to execute arbitrary code – Opera Security Advisories

Severity

Extremely Severe

Problem Description

When certain parameters are passed to Opera’s History Search, they can cause content not to be correctly sanitized. This can allow scripts to be injected into the History Search results page. Such scripts can then run with elevated privileges and interact with Opera’s configuration, allowing them to execute arbitrary code.

Note: There have been public demonstrations of this issue, which have altered Opera’s setup. Upgrading to 9.62 will not restore these settings. If you have opened any of these demonstrations, you may have to restore your settings manually. Typically, the mailto handler has been changed; it can be restored back to its correct value using Preferences – Advanced – Programs.

Opera’s Response

Opera Software has released Opera 9.62, where this issue has been fixed.