View | Details | Raw Unified | Return to bug 126677 | Differences between
and this patch


(-)vuln.xml (+151 lines)
Lines 34-39 Link Here
34
34
35
-->
35
-->
36
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
36
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
37
  <vuln vid="f457db3b-6e8f-11dd-9c8f-001999392805">
38
    <topic>opera -- Sites can change framed content on other sites</topic>
39
    <affects>
40
      <package>
41
	<name>opera</name>
42
	<range><lt>9.52.20080814</lt></range>
43
      </package>
44
    </affects>
45
    <description>
46
      <body xmlns="http://www.w3.org/1999/xhtml">
47
	<blockquote cite="http://www.opera.com/support/search/view/893/">
48
	<p>Scripts are able to change the addresses of framed pages that
49
	  come from the same site. Due to a flaw in the way that Opera checks
50
	  what frames can be changed, a site can change the address of frames
51
	  on other sites inside any window that it has opened. This allows
52
	  sites to open pages from other sites, and display misleading
53
	  information on them.</p>
54
	</blockquote>
55
      </body>
56
    </description>
57
    <references>
58
      <url>http://www.opera.com/support/search/view/893/</url>
59
    </references>
60
    <dates>
61
      <discovery>2008-08-14</discovery>
62
      <entry>2008-08-20</entry>
63
    </dates>
64
  </vuln>
65
66
  <vuln vid="6b0cfefa-6e90-11dd-9c8f-001999392805">
67
    <topic>opera -- Custom shortcuts can pass the wrong parameters to applications</topic>
68
    <affects>
69
      <package>
70
	<name>opera</name>
71
	<range><lt>9.52.20080814</lt></range>
72
      </package>
73
    </affects>
74
    <description>
75
      <body xmlns="http://www.w3.org/1999/xhtml">
76
	<blockquote cite="http://www.opera.com/support/search/view/894/">
77
	<p>Custom shortcut and menu commands can be used to activate external
78
	  applications. In some cases, the parameters passed to these
79
	  applications are not prepared correctly, and may be created from
80
	  uninitialized memory. These may be misinterpreted as additional
81
	  parameters, and depending on the application, this could allow execution
82
	  of arbitrary code.</p>
83
	<p>Successful exploitation requires convincing the user to modify their
84
	  shortcuts or menu files appropriately, pointing to an appropriate target
85
	  application, then to activate that shortcut at an appropriate time. To
86
	  inject code, additional means will have to be employed.</p>
87
	</blockquote>
88
      </body>
89
    </description>
90
    <references>
91
      <url>http://www.opera.com/support/search/view/894/</url>
92
    </references>
93
    <dates>
94
      <discovery>2008-08-14</discovery>
95
      <entry>2008-08-20</entry>
96
    </dates>
97
  </vuln>
98
99
  <vuln vid="c519f09f-6e90-11dd-9c8f-001999392805">
100
    <topic>opera -- Insecure pages can show incorrect security information</topic>
101
    <affects>
102
      <package>
103
	<name>opera</name>
104
	<range><lt>9.52.20080814</lt></range>
105
      </package>
106
    </affects>
107
    <description>
108
      <body xmlns="http://www.w3.org/1999/xhtml">
109
	<blockquote cite="http://www.opera.com/support/search/view/895/">
110
	<p>When insecure pages load content from secure sites into a frame,
111
	  they can cause Opera to incorrectly report the insecure site as
112
	  being secure. The padlock icon will incorrectly be shown, and the
113
	  security information dialog will state that the connection is secure,
114
	  but without any certificate information.</p>
115
	</blockquote>
116
      </body>
117
    </description>
118
    <references>
119
      <url>http://www.opera.com/support/search/view/895/</url>
120
    </references>
121
    <dates>
122
      <discovery>2008-08-14</discovery>
123
      <entry>2008-08-20</entry>
124
    </dates>
125
  </vuln>
126
127
  <vuln vid="f6d9d94c-6e90-11dd-9c8f-001999392805">
128
    <topic>opera -- Feed links can link to local files</topic>
129
    <affects>
130
      <package>
131
	<name>opera</name>
132
	<range><lt>9.52.20080814</lt></range>
133
      </package>
134
    </affects>
135
    <description>
136
      <body xmlns="http://www.w3.org/1999/xhtml">
137
	<blockquote cite="http://www.opera.com/support/search/view/896/">
138
	<p>As a security precaution, Opera does not allow Web pages to
139
	  link to files on the user's local disk. However, a flaw exists
140
	  that allows Web pages to link to feed source files on the
141
	  user's computer. Suitable detection of JavaScript events and
142
	  appropriate manipulation can unreliably allow a script to
143
	  detect the difference between successful and unsuccessful
144
	  subscriptions to these files, to allow it to discover if the
145
	  file exists or not. In most cases the attempt will fail.</p>
146
	</blockquote>
147
      </body>
148
    </description>
149
    <references>
150
      <url>http://www.opera.com/support/search/view/896/</url>
151
    </references>
152
    <dates>
153
      <discovery>2008-08-14</discovery>
154
      <entry>2008-08-20</entry>
155
    </dates>
156
  </vuln>
157
158
  <vuln vid="35b92739-6e91-11dd-9c8f-001999392805">
159
    <topic>opera -- Feed subscription can cause the wrong page address to be displayed</topic>
160
    <affects>
161
      <package>
162
	<name>opera</name>
163
	<range><lt>9.52.20080814</lt></range>
164
      </package>
165
    </affects>
166
    <description>
167
      <body xmlns="http://www.w3.org/1999/xhtml">
168
	<blockquote cite="http://www.opera.com/support/search/view/897/">
169
	<p>It has been reported that when a user subscribes to a news
170
	  feed using the feed subscription button, the page address
171
	  can be changed. This causes the address field not to update
172
	  correctly. Although this can mean that that misleading
173
	  information can be displayed in the address field, it can
174
	  only leave the attacking page's address in the address bar,
175
	  not a trusted third party address.</p>
176
	</blockquote>
177
      </body>
178
    </description>
179
    <references>
180
      <url>http://www.opera.com/support/search/view/897</url>
181
    </references>
182
    <dates>
183
      <discovery>2008-08-14</discovery>
184
      <entry>2008-08-20</entry>
185
    </dates>
186
  </vuln>
187
37
  <vuln vid="c4f31e16-6e33-11dd-8eb7-0011098ad87f">
188
  <vuln vid="c4f31e16-6e33-11dd-8eb7-0011098ad87f">
38
    <topic>cdf3 -- Buffer overflow vulnerability</topic>
189
    <topic>cdf3 -- Buffer overflow vulnerability</topic>
39
    <affects>
190
    <affects>
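
Review bot: In the last added entry (vid 35b92739-6e91-11dd-9c8f-001999392805) the <url> under <references> is http://www.opera.com/support/search/view/897 with no trailing slash, while the cite attribute of that entry's own blockquote and the URLs of the other four entries all end in a slash; change it to http://www.opera.com/support/search/view/897/ so the reference matches the cited source. The quoted paragraph in the same entry contains a doubled word ("this can mean that that misleading"); compare it with the vendor advisory and keep the doubling only if it is in the original text. All five new entries have an identical <affects> block (opera, <lt>9.52.20080814</lt>) and identical discovery and entry dates, so consider whether a single entry with five references would be easier to maintain. Each <references> block lists only the vendor URL; if CVE names have been assigned to these advisories, add them as <cvename> elements.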
