Lucene search

K
freebsdFreeBSD0E30E802-A9DB-11DD-93A2-000BCDF0A03B
HistoryNov 03, 2008 - 12:00 a.m.

opera -- multiple vulnerabilities

2008-11-0300:00:00
vuxml.freebsd.org
12

9.3 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.105 Low

EPSS

Percentile

95.0%

Opera reports:

When certain parameters are passed to Operaโ€™s History
Search, they can cause content not to be correctly
sanitized. This can allow scripts to be injected into the
History Search results page. Such scripts can then run with
elevated privileges and interact with Operaโ€™s configuration,
allowing them to execute arbitrary code.

The links panel shows links in all frames on the current
page, including links with JavaScript URLs. When a page is
held in a frame, the script is incorrectly executed on the
outermost page, not the page where the URL was located.
This can be used to execute scripts in the context of an
unrelated frame, which allows cross-site scripting.

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchopera<ย 9.62UNKNOWN
FreeBSDanynoarchlinux-opera<ย 9.62UNKNOWN

9.3 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.105 Low

EPSS

Percentile

95.0%

Related for 0E30E802-A9DB-11DD-93A2-000BCDF0A03B