69 lines
2.5 KiB
XML
69 lines
2.5 KiB
XML
<?xml version="1.0" encoding="utf-8"?>
|
|
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">
|
|
<glsa id="200408-05">
|
|
<title>Opera: Multiple new vulnerabilities</title>
|
|
<synopsis>
|
|
Several new vulnerabilities were found and fixed in Opera, including one
|
|
allowing an attacker to read the local filesystem remotely.
|
|
</synopsis>
|
|
<product type="ebuild">Opera</product>
|
|
<announced>2004-08-05</announced>
|
|
<revised count="03">2007-12-30</revised>
|
|
<bug>59503</bug>
|
|
<access>remote</access>
|
|
<affected>
|
|
<package name="www-client/opera" auto="yes" arch="*">
|
|
<unaffected range="ge">7.54</unaffected>
|
|
<vulnerable range="le">7.53</vulnerable>
|
|
</package>
|
|
</affected>
|
|
<background>
|
|
<p>
|
|
Opera is a multi-platform web browser.
|
|
</p>
|
|
</background>
|
|
<description>
|
|
<p>
|
|
Multiple vulnerabilities have been found in the Opera web browser.
|
|
Opera fails to deny write access to the "location" browser object. An
|
|
attacker can overwrite methods in this object and gain script access to
|
|
any page that uses one of these methods. Furthermore, access to file://
|
|
URLs is possible even from pages loaded using other protocols. Finally,
|
|
spoofing a legitimate web page is still possible, despite the fixes
|
|
announced in GLSA 200407-15.
|
|
</p>
|
|
</description>
|
|
<impact type="normal">
|
|
<p>
|
|
By enticing an user to visit specially crafted web pages, an attacker
|
|
can read files located on the victim's file system, read emails written
|
|
or received by M2, Opera's mail program, steal cookies, spoof URLs,
|
|
track user browsing history, etc.
|
|
</p>
|
|
</impact>
|
|
<workaround>
|
|
<p>
|
|
There is no known workaround at this time. All users are encouraged to
|
|
upgrade to the latest available version.
|
|
</p>
|
|
</workaround>
|
|
<resolution>
|
|
<p>
|
|
All Opera users should upgrade to the latest stable version:
|
|
</p>
|
|
<code>
|
|
# emerge sync
|
|
|
|
# emerge -pv ">=www-client/opera-7.54"
|
|
# emerge ">=www-client/opera-7.54"</code>
|
|
</resolution>
|
|
<references>
|
|
<uri link="https://www.opera.com/linux/changelogs/754/">Opera Changelog</uri>
|
|
<uri link="http://archives.neohapsis.com/archives/fulldisclosure/2004-07/1056.html">Address bar spoofing issue disclosure</uri>
|
|
<uri link="http://www.greymagic.com/security/advisories/gm008-op/">GreyMagic Security Advisory GM#008-OP</uri>
|
|
<uri link="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-2570">CVE-2004-2570</uri>
|
|
</references>
|
|
<metadata tag="submitter" timestamp="2004-08-05T18:21:29Z">
|
|
jaervosz
|
|
</metadata>
|
|
</glsa>
|