oss-security - Re: opera 10.61 fixes 3 security bugs

Follow @Openwall on Twitter for new release announcements and other news

[<prev] [next>] [<thread-prev] [day] [month] [year] [list]

Date: Thu, 12 Aug 2010 17:19:53 +0200
From: "Carsten H. Eiram" <che@...unia.com>
To: oss-security@...ts.openwall.com
Subject: Re: opera 10.61 fixes 3 security bugs

Please note that CVE-2010-2576 is already assigned to the issue
discovered by us.

http://secunia.com/secunia_research/2010-110/



On Thu, 2010-08-12 at 17:04 +0200, Thomas Biege wrote:
> http://www.opera.com/docs/changelogs/unix/1061/
> 
> * Fixed an issue where heap buffer overflow in HTML5 canvas could be used to 
> execute arbitrary code, as reported by Kuzzcc; see our advisory.
> * Fixed an issue where unexpected changes in tab focus could be used to run 
> programs from the Internet, as reported by Jakob Balle and Sven Krewitt of 
> Secunia; see our advisory.
> * Fixed an issue where news feed preview could subscribe to feeds without 
> interaction, as reported by Alexios Fakos; see our advisory.
> 
> 
-- 

Med venlig hilsen / Kind regards


Carsten H. Eiram
Chief Security Specialist

Secunia 
Weidekampsgade 14 A
DK-2300 Copenhagen S
Denmark

Phone  +45 7020 5144
Fax    +45 7020 5145

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.