GLSA
Advocate
Joined: 12 May 2004
Posts: 2663
|
 Posted: Tue Sep 25, 2012 10:26 pm Post subject: [ GLSA 201209-11 ] Opera: Multiple vulnerabilities |
 |
|
Gentoo Linux Security Advisory
Title: Opera: Multiple vulnerabilities (GLSA 201209-11)
Severity: normal
Exploitable: remote
Date: September 25, 2012
Bug(s): #429478, #434584
ID: 201209-11
Synopsis
Multiple vulnerabilities have been found in Opera, the worst of
which may allow remote execution of arbitrary code.
Background
Opera is a fast web browser that is available free of charge.
Affected Packages
Package: www-client/opera
Vulnerable: < 12.01.1532
Unaffected: >= 12.01.1532
Architectures: All supported architectures
Description
Multiple vulnerabilities have been discovered in Opera. Please review
the CVE identifiers and Opera Release Notes referenced below for details.
Impact
A remote attacker could entice a user to open a specially crafted web
page using Opera, possibly resulting in execution of arbitrary code with
the privileges of the process or a Denial of Service condition.
Furthermore, a remote attacker may be able to trick a user into
downloading and executing files, conduct Cross-Site Scripting (XSS)
attacks, spoof the address bar, or have other unspecified impact.
Workaround
There is no known workaround at this time.
Resolution
All Opera users should upgrade to the latest version: | Code: | # emerge --sync
# emerge --ask --oneshot --verbose ">=www-client/opera-12.01.1532"
|
References
CVE-2012-4010
CVE-2012-4142
CVE-2012-4143
CVE-2012-4144
CVE-2012-4145
CVE-2012-4146
Opera 12.01 for
UNIX changelog
|
|
News & Announcements
