Breaking News

Opera 9.62 Fixes High Security Issue

Opera Software released a patch for their Opera browser which fixes two high security issues.

First security issue which were marked Extreme Severe is related to history search which could be used to execute arbitrary code, as discovered by Aviv Raff.

When certain parameters are passed to Opera’s History Search, they can cause content not to be correctly sanitized. This can allow scripts to be injected into the History Search results page. Such scripts can then run with elevated privileges and interact with Opera’s configuration, allowing them to execute arbitrary code.

A highly severe security risk is also identified where the links panel can allow cross-site scripting.

The links panel shows links in all frames on the current page, including links with JavaScript URLs. When a page is held in a frame, the script is incorrectly executed on the outermost page, not the page where the URL was located. This can be used to execute scripts in the context of an unrelated frame, which allows cross-site scripting.

Updating your Opera browser is a highly advised. You can update your browser by downloading the latest driver at Opera’s download page here.

Leave a Reply