Computer Security
[EN] securityvulns.ru no-pyccku


Opera browser multiple security vulnerabilities
Published:05.03.2008
Source:
SecurityVulns ID:8751
Type:client
Threat Level:
6/10
Description:Information leakage on form file upload, images comments scrip execution , DOM sanitization filters bypass.
Affected:OPERA : Opera 9.25
CVE:CVE-2008-1082 (Opera before 9.26 allows remote attackers to "bypass sanitization filters" and conduct cross-site scripting (XSS) attacks via crafted attribute values in an XML document, which are not properly handled during DOM presentation.)
 CVE-2008-1081 (Opera before 9.26 allows user-assisted remote attackers to execute arbitrary script via images that contain custom comments, which are treated as script when the user displays the image properties.)
 CVE-2008-1080 (Opera before 9.26 allows user-assisted remote attackers to read arbitrary files by tricking a user into typing the characters of the target filename into a file input.)
Original documentdocumentGENTOO, [ GLSA 200803-09 ] Opera: Multiple vulnerabilities (05.03.2008)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod