Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

RE: Opera 7 vulnerabilities

From: "Thor Larholm" <thor () pivx com>
Date: Thu, 14 Nov 2002 21:53:12 +0100
Monitoring which pages a user visits is also possible, and in general there
seems to be some oversights in this otherwise smooth rewrite.

Add to that some of the more odd bugs functionalitywise, and I would say
there is room for a beta 2 ;)


Regards
Thor Larholm, Security Researcher
PivX Solutions, LLC

Strike Now, StrikeFirst!
http://www.pivx.com/sf.html

-----Original Message-----
From: GreyMagic Software [mailto:security () greymagic com]
Sent: 14. november 2002 17:43
To: Bugtraq
Subject: Opera 7 vulnerabilities


We've done some basic security tests, in cooperation with Tom Gilder, on the
new Opera 7 beta release and found two major security vulnerabilities. These
vulnerabilities are quite obvious and likely to be discovered by malicious
users.

Combined, they allow full read access to a victim's file system (including
both directories and files) and scripting access to any domain.

Full details will be released once Opera resolves these issues. In the
meanwhile, users are encouraged not to upgrade to Opera 7 or disable
scripting.
Previous By Date Next
Previous By Thread Next

Current thread: