Vigil@nce: Opera, multiple vulnerabilities
August 2008 by Vigil@nce
SYNTHESIS
Several vulnerabilities have been discovered in Opera.
Gravity: 4/4
Consequences: administrator access/rights, privileged
access/rights, data reading, data flow, denial of service
Provenance: internet server
Means of attack: no proof of concept, no attack
Ability of attacker: expert (4/4)
Confidence: confirmed by the editor (5/5)
Diffusion of the vulnerable configuration: high (3/3)
Creation date: 20/08/2008
Identifier: VIGILANCE-VUL-8045
IMPACTED PRODUCTS
– Microsoft Windows - platform
DESCRIPTION
If Opera is declared as a handler for given protocols, the web
browser can be started by an external program, and used to execute
code. [grav:4/4; 892]
A vulnerability allows a site to change the frame content of other
sites. This can be used for phishing, by displaying malicious
information in a web page. [grav:3/4; 893]
An Opera shortcut can contain malicious parameters generating an
application crash. This crash can be used to execute code.
[grav:2/4; 894]
A dangerous web page is qualified as "Trust" by Opera if it merely
contains a frame from a secure website. [grav:1/4; 895]
When a user clicks on a link to a local file, Opera does not load
the page; however, this restriction is not applied to feeds.
[grav:1/4; 896]
When subscribing to a new feed, it is possible to assign another
address to the feed. [grav:1/4; 897]
CHARACTERISTICS
Identifiers: 892, 893, 894, 895, 896, 897, VIGILANCE-VUL-8045