Email address obfuscation in effect -- please click here to turn it off.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

• To: MLUG Off-Topic Discussion <EMAIL:PROTECTED>
• Subject: [MLUG - DISCUSSION] Opera vulnerability (was "IE grip")
• From: Mike Miller <EMAIL:PROTECTED>
• Date: Thu, 13 Mar 2003 15:19:06 -0600 (CST)
• In-reply-to: <EMAIL:PROTECTED>
• List-archive: <http://mlug.missouri.edu/pipermail/discussion>
• List-help: <mailto:EMAIL:PROTECTED>
• List-id: MLUG Off-Topic Discussion <discussion.mlug.missouri.edu>
• List-post: <mailto:EMAIL:PROTECTED>
• List-subscribe: <http://mlug.missouri.edu/mailman/listinfo/discussion>,<mailto:EMAIL:PROTECTED>
• List-unsubscribe: <http://mlug.missouri.edu/mailman/listinfo/discussion>,<mailto:EMAIL:PROTECTED>
• References: <EMAIL:PROTECTED>
• Reply-to: MLUG Off-Topic Discussion <EMAIL:PROTECTED>
• Sender: EMAIL:PROTECTED

---

On Thu, 13 Mar 2003, Matthew Ross wrote:

> I don't swear by Opera, but I paid for it happily as its better than IE
> or Netscrape (and Mozilla, IMO)

In case you didn't know about it, see below.

By the way, I meant for my earlier subject to be "IE gripe"! ;-)

Mike


Date: Mon, 10 Feb 2003 12:54:46 -0700 (MST)
From: The SANS Institute <EMAIL:PROTECTED>
To: Michael Miller <EMAIL:PROTECTED>
Subject: Update to CVA Vol. 2 No. 05 Opera Web Browser Alert

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


(6) LOW: Opera Web Browser Multiple Vulnerabilities

Affected Products:
Opera Web browser Version 7

Description:
The Opera Web browser contains multiple vulnerabilities that allow a
malicious web server to read arbitrary files on the client system,
steal cookies set by other sites, and extract a user's browsing
history.

Risk: A malicious web server can harvest sensitive information from
a client running Opera.

Deployment: Moderate.
The Opera browser is ranked third among browsers worldwide behind
Internet Explorer and Netscape.  The software was designed to be
compact, making it a popular browser solution for embedded devices.
Opera runs on Windows, OS/2, Linux, BeOS, BelA, Symbian OS, and QNX.

Ease of Exploitation: Straightforward.
Example exploits have been posted for each vulnerability.

Status: These vulnerabilities have not been confirmed by Opera
Software.  They have been corrected in Version 7.01, which is available
for download from the Opera web site.

References:
Security Advisories posted by GreyMagic:
http://security.greymagic.com/adv/gm002-op/
http://security.greymagic.com/adv/gm003-op/
http://security.greymagic.com/adv/gm004-op/
http://security.greymagic.com/adv/gm005-op/
http://security.greymagic.com/adv/gm006-op/

Vendor Web Site:
http://www.opera.com/

Background Information about Opera:
http://www.wave-report.com/tutorials/opera.htm

Council Site Actions:
The majority of the council sites reported the affected software was
not in production or widespread use, hence no action was necessary.
One site did have a small deployment, but none of the users had
installed the affected version.


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iD8DBQE+R/qf+LUG5KFpTkYRAl8qAKCTozsS5m7mXZd3m7gvE45/Sn+0LACfZZFb
8sVegKj82oi6yaoffEZXjiY=
=D9+R
-----END PGP SIGNATURE-----
_______________________________________________
discussion mailing list
EMAIL:PROTECTED
http://mlug.missouri.edu/mailman/listinfo/discussion

---

• Follow-Ups:
  • Re: [MLUG - DISCUSSION] Opera vulnerability (was "IE grip")
    • From: Mikhail Kovalenko <EMAIL:PROTECTED>
  • Re: [MLUG - DISCUSSION] Opera vulnerability (was "IE grip")
    • From: Michael Procter <EMAIL:PROTECTED>

• References:
  • RE: [MLUG - DISCUSSION] IE grip
    • From: "Matthew Ross" <EMAIL:PROTECTED>

• Prev by Date: RE: [MLUG - DISCUSSION] IE grip
• Next by Date: RE: [MLUG - DISCUSSION] Opera vulnerability (was "IE grip")
• Previous by thread: RE: [MLUG - DISCUSSION] IE grip
• Next by thread: Re: [MLUG - DISCUSSION] Opera vulnerability (was "IE grip")
• Index(es):
  • Date
  • Thread