Fixes this
Description: Opera Web Browser is a browser that runs on multiple
operating systems. Opera is exposed to multiple security issues. Opera
versions prior to 9.52 are affected.
(2) CRITICAL: Opera Multiple Vulnerabilities
Affected:
Opera versions prior to 9.60
Description: Opera is a popular cross-platform web browser and suite of internet applications. It contains multiple vulnerabilities in its handling of addresses and Java applets. A specially crafted address used in a redirection can result in a buffer overflow vulnerability. Successfully exploiting this vulnerability would allow an attacker to execute arbitrary code with the privileges of the current user. Full technical details for this vulnerability are publicly available. Additionally, a flaw in the handling of Java applets can result in an information-disclosure vulnerability.
Status: Vendor confirmed, updates available.
References:
Matasano Advisory
http://www.matasano.com/log/1182/i-broke-opera/
Opera Security Advisories
http://www.opera.com/support/search/view/901/
http://www.opera.com/support/search/view/902/
Vendor Home Page
http://www.opera.com
SecurityFocus BIDs
http://www.securityfocus.com/bid/31643
http://www.securityfocus.com/bid/31631
Opera 9.62 incorporates the Opera Presto 2.1.1 user agent engine.
Changes since Opera 9.61
Security
Fixed an issue where History Search could be used to execute arbitrary code, as discovered by Aviv Raff; see our advisory
The links panel no longer allows cross-site scripting; see our advisory
Opera@USB 11.64 was released today.guinness wrote:It's already updated!
I know, but Opera is the main product now not Opera@USB. Opera@USB is Opera extracted and then recompressed as a ZIP file, despite the fact there is no difference between using the 'official' Opera installer.ReadOnly wrote:Opera@USB 11.64 was released today.