SecurityTracker.com
Category:   Application (Web Browser)  >   Opera
Vendors:   Opera Software
Opera Bugs Let Remote Users Obtain Information and Execute Arbitrary Code
SecurityTracker Alert ID:  1025011
SecurityTracker URL:  http://securitytracker.com/id/1025011
CVE Reference:   CVE-2011-0450
Date:  Jan 28 2011
Impact:   Disclosure of system information, Disclosure of user information, Execution of arbitrary code via network, Modification of user information, User access via network
Fix Available:  Yes
Vendor Confirmed:  Yes
Version(s): prior to 11.01
Description:   Several vulnerabilities were reported in Opera. A remote user can cause arbitrary code to be executed on the target user's system. A remote user can obtain potentially sensitive information.

A remote user can create specially crafted HTML containing large form inputs that, when loaded by the target user, will execute arbitrary code on the target system. The code will run with the privileges of the target user. Jordi Chancel reported this vulnerability.

A remote user can create a specially crafted URL that, when loaded by the target user, will modify the Opera configuration to bypass certain restrictions intended to prevent clickjacking attacks.

A remote user can send specially crafted HTTP responses and redirections to obtain elevated privileges on the target user's browser and then load files from the target user's system.

The "Clear all email account passwords" function of the "Delete Private Data" feature does not immediately delete passwords, allowing the passwords to be used until the browser is restarted.

A remote user can cause the downloads manager to use an arbitrary executable when attempting to show the folder view [CVE-2011-0450]. Microsoft Windows-based systems are affected. Makoto Shiotsuki reported this vulnerability.

Impact:   A remote user can execute arbitrary code on the target user's system.

A remote user can obtain potentially sensitive information.

Solution:   The vendor has issued a fix (11.01).

The vendor's advisories are available at:

http://www.opera.com/support/kb/view/982/
http://www.opera.com/support/kb/view/983/
http://www.opera.com/support/kb/view/984/
http://www.opera.com/support/kb/view/985/
http://www.opera.com/support/kb/view/986/
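
An added example, not part of the SecurityTracker alert or the vendor's advisories: one way to find clients still running a release prior to 11.01 from the User-Agent field of web or proxy logs. The log format, addresses and User-Agent strings are constructed samples, and skipping Opera Mini/Mobile is an assumption.

```python
import re

FIXED = (11, 1)  # 11.01, the fixed release named in the advisory

# Opera 10+ sends a frozen "Opera/9.80" product token and puts the real
# release in a trailing "Version/x.yy" token. Older builds send "Opera/x.yy",
# or "Opera x.yy" when identifying as another browser.
_VERSION = re.compile(r"\bVersion/(\d+)\.(\d+)")
_OPERA = re.compile(r"\bOpera[/ ](\d+)\.(\d+)")
_LOG = re.compile(r'^(\S+) .*"([^"]*)"\s*$')  # client, last quoted field = UA

def opera_version(user_agent):
    """Return (major, minor) for a desktop Opera User-Agent, else None."""
    if "Opera" not in user_agent:
        return None
    # Assumption: Opera Mini/Mobile are outside this advisory's scope.
    if "Opera Mini" in user_agent or "Opera Mobi" in user_agent:
        return None
    m = _VERSION.search(user_agent) or _OPERA.search(user_agent)
    return (int(m.group(1)), int(m.group(2))) if m else None

def affected_clients(log_lines):
    """Return sorted (client, version) pairs for Opera releases below FIXED."""
    hits = set()
    for line in log_lines:
        m = _LOG.match(line.strip())
        if not m:
            continue
        version = opera_version(m.group(2))
        if version is not None and version < FIXED:
            hits.add((m.group(1), "%d.%02d" % version))
    return sorted(hits)

# Constructed sample lines (combined log format, documentation addresses).
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Feb/2011:09:12:01 +0000] "GET / HTTP/1.1" 200 512 "-" '
    '"Opera/9.80 (Windows NT 6.1; U; en) Presto/2.7.62 Version/11.00"',
    '192.0.2.11 - - [01/Feb/2011:09:12:05 +0000] "GET / HTTP/1.1" 200 512 "-" '
    '"Opera/9.80 (X11; Linux i686; U; en) Presto/2.7.62 Version/11.01"',
    '192.0.2.12 - - [01/Feb/2011:09:13:40 +0000] "GET / HTTP/1.1" 200 512 "-" '
    '"Opera/9.64 (Windows NT 5.1; U; en) Presto/2.1.1"',
    '192.0.2.13 - - [01/Feb/2011:09:14:02 +0000] "GET / HTTP/1.1" 200 512 "-" '
    '"Mozilla/5.0 (Windows NT 6.1; rv:2.0) Gecko/20100101 Firefox/4.0"',
]

if __name__ == "__main__":
    for client, version in affected_clients(SAMPLE_LOG):
        print(client, "Opera", version, "is older than 11.01")
```

Comparing the "Opera/9.80" token directly against 11.01 would flag every patched client as well, which is why the "Version/" token is read first.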

Vendor URL:  www.opera.com/support/kb/view/982/
Cause:   Not specified
Underlying OS:   Linux (Any), UNIX (Any), Windows (Any)

Message History:   None.


 Source Message Contents

Date:  Fri, 28 Jan 2011 20:49:18 +0000
Subject:  Opera


    * Removed support for "javascript:" URLs in CSS -o-link values, to make it easier for sites to filter untrusted CSS.
    * Fixed an issue where large form inputs could allow execution of arbitrary code, as reported by Jordi Chancel; see our advisory.
    * Fixed an issue which made it possible to carry out clickjacking attacks against internal opera: URLs; see our advisory.
    * Fixed issues which allowed web pages to gain limited access to files on the user's computer; see our advisory.
    * Fixed an issue where email passwords were not immediately deleted when deleting private data; see our advisory.
    * Fixed an issue which could cause the wrong executable to be used to display a downloaded file in its folder, as reported by Makoto Shiotsuki; see our advisory.


 
 



Copyright 2013, SecurityGlobal.net LLC