From 4f2d7949f03e1c198bc888f2d05f421d35c57e21 Mon Sep 17 00:00:00 2001 From: V3n3RiX Date: Mon, 9 Oct 2017 18:53:29 +0100 Subject: reinit the tree, so we can have metadata --- metadata/glsa/glsa-200903-30.xml | 90 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 90 insertions(+) create mode 100644 metadata/glsa/glsa-200903-30.xml (limited to 'metadata/glsa/glsa-200903-30.xml') diff --git a/metadata/glsa/glsa-200903-30.xml b/metadata/glsa/glsa-200903-30.xml new file mode 100644 index 000000000000..3ed54ef5f7d0 --- /dev/null +++ b/metadata/glsa/glsa-200903-30.xml @@ -0,0 +1,90 @@ + + + + Opera: Multiple vulnerabilities + + Multiple vulnerabilities were found in Opera, the worst of which allow for + the execution of arbitrary code. + + opera + 2009-03-16 + 2009-03-17: 02 + 247229 + 261032 + remote + + + 9.64 + 9.64 + + + +

+ Opera is a fast web browser that is available free of charge. +

+ + +

+ Multiple vulnerabilities were discovered in Opera: +

+
    +
  • Vitaly McLain reported a heap-based buffer overflow when processing + host names in file:// URLs (CVE-2008-5178).
    • +
  • Alexios Fakos reported a vulnerability in the HTML parsing engine + when processing web pages that trigger an invalid pointer calculation + and heap corruption (CVE-2008-5679).
    • +
  • Red XIII reported that certain text-area contents can be + manipulated to cause a buffer overlow (CVE-2008-5680).
    • +
  • David Bloom discovered that unspecified "scripted URLs" are not + blocked during the feed preview (CVE-2008-5681).
    • +
  • Robert Swiecki of the Google Security Team reported a Cross-site + scripting vulnerability (CVE-2008-5682).
    • +
  • An unspecified vulnerability reveals random data + (CVE-2008-5683).
    • +
  • Tavis Ormandy of the Google Security Team reported a vulnerability + when processing JPEG images that may corrupt memory + (CVE-2009-0914).
    • +
+ + +

+ A remote attacker could entice a user to open a specially crafted JPEG + image to cause a Denial of Service or execute arbitrary code, to + process an overly long file:// URL or to open a specially crafted web + page to execute arbitrary code. He could also read existing + subscriptions and force subscriptions to arbitrary feed URLs, as well + as inject arbitrary web script or HTML via built-in XSLT templates. +

+ + +

+ There is no known workaround at this time. +

+ + +

+ All Opera users should upgrade to the latest version: +

+ + # emerge --sync + # emerge --ask --oneshot --verbose ">=www-client/opera-9.64" + + + CVE-2008-5178 + CVE-2008-5679 + CVE-2008-5680 + CVE-2008-5681 + CVE-2008-5682 + CVE-2008-5683 + CVE-2009-0914 + + + a3li + + + keytoaster + + + p-y + + -- cgit v1.2.3