opera_logo.gif Alternative browser maker Opera Software has released a "highly critical" update to fix a batch of potentially serious security vulnerabilities.
According to a Secunia advisory, the bugs can be exploited by malicious people to bypass certain security restrictions, disclose sensitive information, and compromise a user's system.
The skinny, from Opera's documentation:
# An error can be exploited via certain plugins to conduct cross-domain scripting attacks.
# An error within the processing of TLS certificates can be exploited to execute arbitrary code.
# An error within Rich text editing when using designMode can be exploited to conduct cross-domain scripting attacks.
# An error within the processing of bitmaps can be exploited to disclose the contents of random memory areas.
Opera users are strongly advised to update to Version 9.25.
Posted by Ryan Naraine on December 19, 2007 3:38 PM
資料來源 http://securitywatch.eweek.com/browsers/opera_sings_the_patching_blues_1.html
According to a Secunia advisory, the bugs can be exploited by malicious people to bypass certain security restrictions, disclose sensitive information, and compromise a user's system.
The skinny, from Opera's documentation:
# An error can be exploited via certain plugins to conduct cross-domain scripting attacks.
# An error within the processing of TLS certificates can be exploited to execute arbitrary code.
# An error within Rich text editing when using designMode can be exploited to conduct cross-domain scripting attacks.
# An error within the processing of bitmaps can be exploited to disclose the contents of random memory areas.
Opera users are strongly advised to update to Version 9.25.
Posted by Ryan Naraine on December 19, 2007 3:38 PM
資料來源 http://securitywatch.eweek.com/browsers/opera_sings_the_patching_blues_1.html
全站熱搜
留言列表
