opera

• Author: voroskoi
• Vulnerable: 9.24-1sayshell1
• Unaffected: 9.25-1sayshell1

Some vulnerabilities have been reported in Opera, which can be exploited by malicious people to bypass certain security restrictions, disclose sensitive information, and compromise a user’s system.

1. An unspecified error can be exploited via certain plugins to conduct cross-domain scripting attacks.
2. An unspecified error within the processing of TLS certificates can be exploited to execute arbitrary code.
3. An unspecified error within Rich text editing when using designMode can be exploited to conduct cross-domain scripting attacks.
4. An unspecified error within the processing of bitmaps can be exploited to disclose the contents of random memory areas.

• Bug Tracker URL: http://bugs.frugalware.org/task/2677

CVEs:

• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6520
• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6521
• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6522
• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-6524