oss-sec mailing list archives

Re: CVE request: Opera 9.50

From: "Steven M. Christey" <coley () linus mitre org>
Date: Mon, 16 Jun 2008 17:08:13 -0400 (EDT)



======================================================
Name: CVE-2008-2714
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2714
Reference: CONFIRM:http://www.opera.com/docs/changelogs/linux/950/#security
Reference: CONFIRM:http://www.opera.com/docs/changelogs/windows/950/#security
Reference: CONFIRM:http://www.opera.com/support/search/view/878/
Reference: BID:29684
Reference: URL:http://www.securityfocus.com/bid/29684
Reference: FRSIRT:ADV-2008-1812
Reference: URL:http://www.frsirt.com/english/advisories/2008/1812
Reference: SECUNIA:30636
Reference: URL:http://secunia.com/advisories/30636

Opera before 9.26 allows remote attackers to misrepresent web page
addresses using "certain characters" that "cause the page address text
to be misplaced."


======================================================
Name: CVE-2008-2715
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2715
Reference: CONFIRM:http://www.opera.com/docs/changelogs/linux/950/#security
Reference: CONFIRM:http://www.opera.com/docs/changelogs/windows/950/#security
Reference: CONFIRM:http://www.opera.com/support/search/view/883/
Reference: BID:29684
Reference: URL:http://www.securityfocus.com/bid/29684
Reference: FRSIRT:ADV-2008-1812
Reference: URL:http://www.frsirt.com/english/advisories/2008/1812
Reference: SECUNIA:30636
Reference: URL:http://secunia.com/advisories/30636

Unspecified vulnerability in Opera before 9.5 allows remote attackers
to read cross-domain images via HTML CANVAS elements that use the
images as patterns.


======================================================
Name: CVE-2008-2716
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2716
Reference: CONFIRM:http://www.opera.com/docs/changelogs/linux/950/#security
Reference: CONFIRM:http://www.opera.com/docs/changelogs/windows/950/#security
Reference: CONFIRM:http://www.opera.com/support/search/view/885/
Reference: BID:29684
Reference: URL:http://www.securityfocus.com/bid/29684
Reference: FRSIRT:ADV-2008-1812
Reference: URL:http://www.frsirt.com/english/advisories/2008/1812
Reference: SECUNIA:30636
Reference: URL:http://secunia.com/advisories/30636

Unspecified vulnerability in Opera before 9.5 allows remote attackers
to spoof the contents of trusted frames on the same parent page by
modifying the location, which can facilitate phishing attacks.

Current thread:

CVE request: Opera 9.50 Marcus Meissner (Jun 14)
- Re: CVE request: Opera 9.50 Nico Golde (Jun 14)
- Re: CVE request: Opera 9.50 Steven M. Christey (Jun 16)