Attachment #81936 for bug #117268

View | Details | Raw Unified | Return to bug 117268 | Differences between
Collapse All | Expand All





-->
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
  <vuln vid="24d8cb68-7ca8-11dc-bcc3-001372ae3ab9">
    <topic>opera -- Scripts can overwrite functions on pages from other domains</topic>
      <affects>
        <package>
          <name>opera</name>
          <name>opera-devel</name>
          <name>linux-opera</name>
          <range><lt>9.24.20071015</lt></range>
        </package>
      </affects>
      <description>
        <body xmlns="http://www.w3.org/1999/xhtml">
          <p>An advisory from Opera reports:</p>
          <blockquote cite="http://www.opera.com/support/search/view/867/">
            <p>Scripts can overwrite functions on pages from other domains.</p>
            <p>When accesing frames from different Web sites, specially crafted scripts
            can bypass the same-origin policy, and overwrite functions from those frames.
            If scripts on the page then run those functions, this can cause the script of
            the attacker's choice to run in the context of the target Web site.</p>
          </blockquote>
        </body>
      </description>
      <references>
        <url>http://www.opera.com/support/search/view/867/</url>
      </references>
      <dates>
        <discovery>2007-10-15</discovery>
        <entry>2007-10-17</entry>
      </dates>
  </vuln>

  <vuln vid="195703eb-7ca8-11dc-bcc3-001372ae3ab9">
    <topic>opera -- external news readers and e-mail clients can be used to execute arbitrary code</topic>
      <affects>
        <package>
          <name>opera</name>
          <name>opera-devel</name>
	  <name>linux-opera</name>
	  <range><lt>9.24.20071015</lt></range>
        </package>
      </affects>
      <description>
        <body xmlns="http://www.w3.org/1999/xhtml">
          <p>An advisory from Opera reports:</p>
	  <blockquote cite="http://www.opera.com/support/search/view/866/">
	    <p>External news readers and e-mail clients can be used to execute arbitrary code.</p>
	    <p>If a user has configured Opera to use an external newsgroup client or e-mail
            application, specially crafted Web pages can cause Opera to run that application
            incorrectly. In some cases this can lead to execution of arbitrary code.</p>
          </blockquote>
        </body>
      </description>
      <references>
	<url>http://www.opera.com/support/search/view/866/</url>
      </references>
      <dates>
        <discovery>2007-10-15</discovery>
        <entry>2007-10-17</entry>
      </dates>
  </vuln>

  <vuln vid="51b51d4a-7c0f-11dc-9e47-0011d861d5e2">
    <topic>phpmyadmin -- cross-site scripting vulnerability</topic>
    <affects>

Return to bug 117268

Lines 34-39 Link Here

(-)vuln.xml (+61 lines)
34		34
35	-->	35	-->
36	<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">	36	<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
		37	<vuln vid="24d8cb68-7ca8-11dc-bcc3-001372ae3ab9">
		38	<topic>opera -- Scripts can overwrite functions on pages from other domains</topic>
		39	<affects>
		40	<package>
		41	<name>opera</name>
		42	<name>opera-devel</name>
		43	<name>linux-opera</name>
		44	<range><lt>9.24.20071015</lt></range>
		45	</package>
		46	</affects>
		47	<description>
		48	<body xmlns="http://www.w3.org/1999/xhtml">
		49	<p>An advisory from Opera reports:</p>
		50	<blockquote cite="http://www.opera.com/support/search/view/867/">
		51	<p>Scripts can overwrite functions on pages from other domains.</p>
		52	<p>When accesing frames from different Web sites, specially crafted scripts
		53	can bypass the same-origin policy, and overwrite functions from those frames.
		54	If scripts on the page then run those functions, this can cause the script of
		55	the attacker's choice to run in the context of the target Web site.</p>
		56	</blockquote>
		57	</body>
		58	</description>
		59	<references>
		60	<url>http://www.opera.com/support/search/view/867/</url>
		61	</references>
		62	<dates>
		63	<discovery>2007-10-15</discovery>
		64	<entry>2007-10-17</entry>
		65	</dates>
		66	</vuln>
		67
		68	<vuln vid="195703eb-7ca8-11dc-bcc3-001372ae3ab9">
		69	<topic>opera -- external news readers and e-mail clients can be used to execute arbitrary code</topic>
		70	<affects>
		71	<package>
		72	<name>opera</name>
		73	<name>opera-devel</name>
		74	<name>linux-opera</name>
		75	<range><lt>9.24.20071015</lt></range>
		76	</package>
		77	</affects>
		78	<description>
		79	<body xmlns="http://www.w3.org/1999/xhtml">
		80	<p>An advisory from Opera reports:</p>
		81	<blockquote cite="http://www.opera.com/support/search/view/866/">
		82	<p>External news readers and e-mail clients can be used to execute arbitrary code.</p>
		83	<p>If a user has configured Opera to use an external newsgroup client or e-mail
		84	application, specially crafted Web pages can cause Opera to run that application
		85	incorrectly. In some cases this can lead to execution of arbitrary code.</p>
		86	</blockquote>
		87	</body>
		88	</description>
		89	<references>
		90	<url>http://www.opera.com/support/search/view/866/</url>
		91	</references>
		92	<dates>
		93	<discovery>2007-10-15</discovery>
		94	<entry>2007-10-17</entry>
		95	</dates>
		96	</vuln>
		97
37	<vuln vid="51b51d4a-7c0f-11dc-9e47-0011d861d5e2">	98	<vuln vid="51b51d4a-7c0f-11dc-9e47-0011d861d5e2">
38	<topic>phpmyadmin -- cross-site scripting vulnerability</topic>	99	<topic>phpmyadmin -- cross-site scripting vulnerability</topic>
39	<affects>	100	<affects>