Email address obfuscation in effect -- please
click here to turn it off.
[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
Thanks. I've not gotten around to upgrading from 6 yet. They were implementing a "better" Javascript runtime in 7, so I wanted to wait out the worst of the bugs.
> -----Original Message-----
> From: Mike Miller [mailto:EMAIL:PROTECTED]
> Sent: Thursday, March 13, 2003 3:19 PM
> To: MLUG Off-Topic Discussion
> Subject: [MLUG - DISCUSSION] Opera vulnerability (was "IE grip")
>
>
> On Thu, 13 Mar 2003, Matthew Ross wrote:
>
> > I don't swear by Opera, but I paid for it happily as its
> better than IE
> > or Netscrape (and Mozilla, IMO)
>
> In case you didn't know about it, see below.
>
> By the way, I meant for my earlier subject to be "IE gripe"! ;-)
>
> Mike
>
>
> Date: Mon, 10 Feb 2003 12:54:46 -0700 (MST)
> From: The SANS Institute <EMAIL:PROTECTED>
> To: Michael Miller <EMAIL:PROTECTED>
> Subject: Update to CVA Vol. 2 No. 05 Opera Web Browser Alert
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
>
> (6) LOW: Opera Web Browser Multiple Vulnerabilities
>
> Affected Products:
> Opera Web browser Version 7
>
> Description:
> The Opera Web browser contains multiple vulnerabilities that allow a
> malicious web server to read arbitrary files on the client system,
> steal cookies set by other sites, and extract a user's browsing
> history.
>
> Risk: A malicious web server can harvest sensitive information from
> a client running Opera.
>
> Deployment: Moderate.
> The Opera browser is ranked third among browsers worldwide behind
> Internet Explorer and Netscape. The software was designed to be
> compact, making it a popular browser solution for embedded devices.
> Opera runs on Windows, OS/2, Linux, BeOS, BelA, Symbian OS, and QNX.
>
> Ease of Exploitation: Straightforward.
> Example exploits have been posted for each vulnerability.
>
> Status: These vulnerabilities have not been confirmed by Opera
> Software. They have been corrected in Version 7.01, which is
> available
> for download from the Opera web site.
>
> References:
> Security Advisories posted by GreyMagic:
> http://security.greymagic.com/adv/gm002-op/
> http://security.greymagic.com/adv/gm003-op/
> http://security.greymagic.com/adv/gm004-op/
> http://security.greymagic.com/adv/gm005-op/
> http://security.greymagic.com/adv/gm006-op/
>
> Vendor Web Site:
> http://www.opera.com/
>
> Background Information about Opera:
> http://www.wave-report.com/tutorials/opera.htm
>
> Council Site Actions:
> The majority of the council sites reported the affected software was
> not in production or widespread use, hence no action was necessary.
> One site did have a small deployment, but none of the users had
> installed the affected version.
>
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.2.1 (GNU/Linux)
>
> iD8DBQE+R/qf+LUG5KFpTkYRAl8qAKCTozsS5m7mXZd3m7gvE45/Sn+0LACfZZFb
> 8sVegKj82oi6yaoffEZXjiY=
> =D9+R
> -----END PGP SIGNATURE-----
> _______________________________________________
> discussion mailing list
> EMAIL:PROTECTED
> http://mlug.missouri.edu/mailman/listinfo/discussion
>
_______________________________________________
discussion mailing list
EMAIL:PROTECTED
http://mlug.missouri.edu/mailman/listinfo/discussion
Home | FAQ | Server | Presentations | Mailing Lists/Archives | Member Tools | Links | Sponsors | Contact