opera -- multiple vulnerabilities

Opera Team Reports: Fixed an issue where certain domain names could allow execution of arbitrary code, as reported by Chris Weber of Casaba Security Fixed an issue where scripts can run on the feed subscription page, as reported by Inferno...

BOM characters, low surrogates stripped from JavaScript before execution — Mozilla

Microsoft developer Dave Reed reported that certain BOM characters are stripped from JavaScript code before it is executed. This can lead to code, which would otherwise be treated as part of a quoted string, to be executed. The issue could potentially be used by an attacker to bypass or evade...