Actu
Vigil@nce - Opera: four vulnerabilities
August 2012 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker can invite the victim to display a malicious site with
Opera, in order to deceive the victim, to obtain information, or
to generate a Cross Site Scripting.
Severity: 2/4
Creation date: 02/08/2012
IMPACTED PRODUCTS
– openSUSE
– Opera
DESCRIPTION OF THE VULNERABILITY
Four vulnerabilities were announced in Opera.
Some characters are ignored, which changes the parsing of the HTML
code, and leads to a Cross Site Scripting. [severity:2/4;
BID-54788, CVE-2012-4142]
An attacker can use a small window, in order to deceive the
victim, and to invite him to download a program. [severity:2/4;
BID-54782, CVE-2012-4143]
Some HTML elements are ignored, which changes the parsing of the
HTML code, and leads to a Cross Site Scripting. [severity:2/4;
BID-54779, CVE-2012-4144]
An unknown vulnerability impacts Opera. [severity:2/4; BID-54780,
CVE-2012-4145]
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Opera-four-vulnerabilities-1181
