Rich editing allows cross domain scripting – Opera Security Advisories

Rich editing allows cross domain scripting – Opera Security Advisories OPCOM Team | December 16, 2008 Problem Description Rich editing using designMode allows page contents to be edited. Pages can use this ability to inject scripts into pages from other domains. This allows cross domain scripting...

Opera Web Browser DoS attacks on MIME via malformed MIME emails (Windows)

The host is installed with Opera Web Browser and is prone to denial of service vulnerability. OpenVAS Vulnerability Test $Id: gboperamimedosvulnwin.nasl 6532 2017-07-05 07:42:05Z cfischer $ Opera Web Browser DoS attacks on MIME via malformed MIME emails Windows Authors: Chandan S Copyright:...

Newsfeed prompt can cause Opera to execute arbitrary code

When Opera encounters a newsfeed source on a Web page, it prompts to add the source as a newsfeed. A script can manipulate the feed source in a way that can cause Opera to crash. The crash is caused by an erroneous memory access. To inject code, additional techniques will have to be employed...

Sites can change framed content on other sites

Scripts are able to change the addresses of framed pages that come from the same site. Due to a flaw in the way that Opera checks what frames can be changed, a site can change the address of frames on other sites inside any window that it has opened. This allows sites to open pages from other...

Fast Forward can allow cross-site scripting

If a link that uses a JavaScript URL triggers Opera's Fast Forward feature, when the user activates Fast Forward, the script should run on the current page. When a page is held in a frame, the script is incorrectly executed on the outermost page, not the page where the URL was located. This can b...

Vulnerability in createSVGTransformFromMatrix (JavaScript, SVG) – Opera Security Advisories

Vulnerability in createSVGTransformFromMatrix JavaScript, SVG – Opera Security Advisories OPCOM Team | December 16, 2008 Summary A vulnerability in createSVGTransformFromMatrix ObjectTypecasting can crash Opera. Severity Moderate Problem description Passing an incorrect object to...

Resized canvas patterns can cause Opera to execute arbitrary code – Opera Security Advisories

Resized canvas patterns can cause Opera to execute arbitrary code – Opera Security Advisories OPCOM Team | December 16, 2008 Severity Moderately Severe Problem Description HTML CANVAS elements can use scaled images as patterns. With suitable scaling manipulation of the image, a script can cause...

The links panel can allow cross-site scripting – Opera Security Advisories

The links panel can allow cross-site scripting – Opera Security Advisories OPCOM Team | December 16, 2008 Severity Highly Severe Problem Description The links panel shows links in all frames on the current page, including links with JavaScript URLs. When a page is held in a frame, the script is...

Opera Web Browser 9.51 DoS Vulnerability - Windows

Opera Web Browser is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

History Search can reveal browsing history

Certain constructs are not escaped correctly by Opera's History Search results. These can be used to inject scripts into the page, which can then be used to look through the user's browsing history, including the contents of the pages they have visited. These may contain sensitive information...

A JPEG image with a malformed header can crash Opera – Opera Security Advisories

A JPEG image with a malformed header can crash Opera – Opera Security Advisories OPCOM Team | December 16, 2008 Summary A JPEG image with a malformed header can crash Opera, and causearbitrary code to be run. Severity Moderate Problem description A specially crafted DHT marker in the JPEG file...

Fast Forward can allow cross-site scripting – Opera Security Advisories

Fast Forward can allow cross-site scripting – Opera Security Advisories OPCOM Team | December 16, 2008 Severity Highly Severe Platforms All desktop versions Problem Description If a link that uses a JavaScript URL triggers Opera’s Fast Forward feature, when the user activates Fast Forward, the...

Specially crafted addresses can execute arbitrary code – Opera Security Advisories

Specially crafted addresses can execute arbitrary code – Opera Security Advisories OPCOM Team | December 16, 2008 Severity Extremely Severe Problem Description If a malicious page redirects Opera to a specially crafted address URL, it can cause Opera to crash. Given sufficient address content, th...

Feed preview can reveal contents of unrelated news feeds

When Opera is previewing a news feed, some scripts are not correctly blocked. These scripts are able to subscribe the user to any feed URL that the attacker chooses, and can also view the contents of any feeds that the user is subscribed to. These may contain sensitive information...

Feed links can link to local files

As a security precaution, Opera does not allow Web pages to link to files on the user's local disk. However, a flaw exists that allows Web pages to link to feed source files on the user's computer. Suitable detection of JavaScript events and appropriate manipulation can unreliably allow a script ...

Vulnerability in createSVGTransformFromMatrix (JavaScript, SVG)

Passing an incorrect object to createSVGTransformFromMatrixcan crash Opera and enable arbitrary code execution. Users who have disabled JavaScript are not affected...

Insecure pages can show incorrect security information

When insecure pages load content from secure sites into a frame, they can cause Opera to incorrectly report the insecure site as being secure. The padlock icon will incorrectly be shown, and the security information dialog will state that the connection is secure, but without any certificate...

Opera security upgrade for Linux, Solaris and FreeBSD

A security issue in the Adobe Flash Player running in Opera on Linux, Solaris or FreeBSD has been found. Details about the vulnerability will be disclosed at a later date...

Startup crash can allow execution of arbitrary code

When Opera is registered as a handler for a given protocol, it can be started by external applications. In some cases, being started in this way can cause Opera to crash. To inject code, additional techniques will have to be employed...

Specially crafted addresses can execute arbitrary code

If a malicious page redirects Opera to a specially crafted address URL, it can cause Opera to crash. Given sufficient address content, the crash could cause execution of code controlled by the attacking page...