Rechercher
Contactez-nous Suivez-nous sur Twitter En francais English Language
 

Subscribe











Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN

Vulnérabilités

Unsubscribe

Security Vulnerability

Vigil@nce: Opera, three vulnerabilities

October 2008 by Vigil@nce

SYNTHESIS

Three vulnerabilities have been announced in Opera.

Gravity: 2/4

Consequences: client access/rights, data reading

Provenance: internet server

Means of attack: 1 attack

Ability of attacker: technician (2/4)

Confidence: confirmed by the editor (5/5)

Diffusion of the vulnerable configuration: high (3/3)

Number of vulnerabilities in this bulletin: 3

Creation date: 21/10/2008

Revision date: 24/10/2008

IMPACTED PRODUCTS

 Novell Linux Desktop
 Novell Open Enterprise Server
 OpenSUSE
 Opera
 SuSE Linux
 SUSE LINUX Enterprise Server

DESCRIPTION

Three vulnerabilities have been announced in Opera.

An attacker can obtain the browsing history of the victim and
create a Cross Site Scripting. [grav:1/4; BID-31869,
CVE-2008-4696, CVE-2008-4725]

An attacker can use the Fast Forward feature in order to create a
Cross Site Scripting. [grav:2/4; CVE-2008-4697]

During the news feed preview, an attacker can obtain the content
of subscribed news feeds. [grav:2/4; CVE-2008-4698]

CHARACTERISTICS

Identifiers: BID-31842, BID-31869, CVE-2008-4696, CVE-2008-4697,
CVE-2008-4698, CVE-2008-4725, SUSE-SR:2008:022, VIGILANCE-VUL-8189

http://vigilance.aql.fr/vulnerability/8189


See previous articles

    

See next articles












Security Vulnerability

Toutes nos news en Francais

Alle unsere News auf deutsch

Your podcast Here

New, you can have your Podcast here. Contact us for more information ask:
Marc Brami
Phone: +33 1 40 92 05 55
Mail: ipsimp@free.fr

All new podcasts

 
News Files Cyber Security Security Vulnerability Malware Update Diary Guide & Podcast TRAINING Jobs CONTACTS Contact About Mentions légales identifier ADMIN

Global Security Mag Copyright 2011