VuXML: opera -- multiple vulnerabilities

Affected packages

linux-opera

11.01

opera

11.01

opera-devel

11.01

Details

VuXML ID	2eda0c54-34ab-11e0-8103-00215c6a37bb
Discovery	2011-01-26
Entry	2011-02-10

VuXML ID

2eda0c54-34ab-11e0-8103-00215c6a37bb

Discovery

2011-01-26

Entry

2011-02-10

Opera reports:

Opera 11.01 is a recommended upgrade offering security and stability enhancements.

The following security vulnerabilities have been fixed:

Removed support for "javascript:" URLs in CSS -o-link values, to make it easier for sites to filter untrusted CSS.

Fixed an issue where large form inputs could allow execution of arbitrary code, as reported by Jordi Chancel; see our advisory.

Fixed an issue which made it possible to carry out clickjacking attacks against internal opera: URLs; see our advisory.

Fixed issues which allowed web pages to gain limited access to files on the user's computer; see our advisory.

Fixed an issue where email passwords were not immediately deleted when deleting private data; see our advisory.

[source]

References

CVE Name	CVE-2011-0450
CVE Name	CVE-2011-0681
CVE Name	CVE-2011-0682
CVE Name	CVE-2011-0683
CVE Name	CVE-2011-0684
CVE Name	CVE-2011-0685
CVE Name	CVE-2011-0686
CVE Name	CVE-2011-0687
URL	http://secunia.com/advisories/43023
URL	http://www.opera.com/support/kb/view/982/
URL	http://www.opera.com/support/kb/view/983/
URL	http://www.opera.com/support/kb/view/984/