Severity
High
Description
Private data such as cache, password files, and Opera’s configuration files are supposed to be visible only to the user who owns the Opera profile. Opera does not set the profile folder permissions correctly, allowing other computer users to read the sensitive contents of profile files. In some cases, other computer users may also be able to modify or overwrite these files, altering Opera’s configuration, and causing it to execute unexpected commands.
Affected Platforms
This issue affects Opera for Linux/Unix.
Opera’s Response
Opera Software has released Opera 12.12, where this issue has been fixed.
Credits
Thanks to Jann Horn for reporting this issue to Opera Software.