Openwall Project   /home  Owl  JtR  Pro  crypt  pam_passwdqc  tcb  phpass  scanlogd  popa3d  msulogin  /  Linux  BIND  /  advisories  presentations  /  services  donations  /  wordlists  passwords  /  NEWS  community  lists  Wiki  CVSweb  mirrors  signatures
bringing security into open environments
 
Password Recovery Resources on the Net
[<prev] [next>] [<thread-prev] [month] [year] [list] 
Date: Mon, 16 Jun 2008 17:08:13 -0400 (EDT)
From: "Steven M. Christey" <coley@...us.mitre.org>
To: Marcus Meissner <meissner@...e.de>
cc: oss-security@...ts.openwall.com, coley@...re.org
Subject: Re: CVE request: Opera 9.50



======================================================
Name: CVE-2008-2714
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2714
Reference: CONFIRM:http://www.opera.com/docs/changelogs/linux/950/#security
Reference: CONFIRM:http://www.opera.com/docs/changelogs/windows/950/#security
Reference: CONFIRM:http://www.opera.com/support/search/view/878/
Reference: BID:29684
Reference: URL:http://www.securityfocus.com/bid/29684
Reference: FRSIRT:ADV-2008-1812
Reference: URL:http://www.frsirt.com/english/advisories/2008/1812
Reference: SECUNIA:30636
Reference: URL:http://secunia.com/advisories/30636

Opera before 9.26 allows remote attackers to misrepresent web page
addresses using "certain characters" that "cause the page address text
to be misplaced."


======================================================
Name: CVE-2008-2715
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2715
Reference: CONFIRM:http://www.opera.com/docs/changelogs/linux/950/#security
Reference: CONFIRM:http://www.opera.com/docs/changelogs/windows/950/#security
Reference: CONFIRM:http://www.opera.com/support/search/view/883/
Reference: BID:29684
Reference: URL:http://www.securityfocus.com/bid/29684
Reference: FRSIRT:ADV-2008-1812
Reference: URL:http://www.frsirt.com/english/advisories/2008/1812
Reference: SECUNIA:30636
Reference: URL:http://secunia.com/advisories/30636

Unspecified vulnerability in Opera before 9.5 allows remote attackers
to read cross-domain images via HTML CANVAS elements that use the
images as patterns.


======================================================
Name: CVE-2008-2716
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2716
Reference: CONFIRM:http://www.opera.com/docs/changelogs/linux/950/#security
Reference: CONFIRM:http://www.opera.com/docs/changelogs/windows/950/#security
Reference: CONFIRM:http://www.opera.com/support/search/view/885/
Reference: BID:29684
Reference: URL:http://www.securityfocus.com/bid/29684
Reference: FRSIRT:ADV-2008-1812
Reference: URL:http://www.frsirt.com/english/advisories/2008/1812
Reference: SECUNIA:30636
Reference: URL:http://secunia.com/advisories/30636

Unspecified vulnerability in Opera before 9.5 allows remote attackers
to spoof the contents of trusted frames on the same parent page by
modifying the location, which can facilitate phishing attacks.

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ