News
[PSUs]| Friday 17th June 2005 |
Three Opera security flaws discovered
10:38AM, Friday 17th June 2005
Three security vulnerabilities have been discovered in the Opera Web browser. All can be fixed by updating to version 8.0.1.
The moderately critical 'javascript:' URL cross-site scripting vulnerability affects versions 7.x and 8.0 and could be exploited to conduct cross-site scripting attacks and to read local files.
The Opera XMLHttpRequest security bypass flaw is also rated moderately critical and affects version 8.0. It could be exploited to steal content or to perform actions on other web sites with the privileges of the user.
The third vulnerability is rated less critical and also affects version 8.0. A redirection vulnerability could again be exploited to conduct cross-site scripting attacks against users.
Opera 8.0.1 is available from www.opera.com.
Submit to: Digg | Slashdot | Del.icio.us | Technorati
