From a24567fbc43f221b14e805f9bc0b7c6d16911c46 Mon Sep 17 00:00:00 2001 From: Alex Legler Date: Sun, 8 Mar 2015 22:02:38 +0100 Subject: Import existing advisories --- glsa-200903-30.xml | 93 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 93 insertions(+) create mode 100644 glsa-200903-30.xml (limited to 'glsa-200903-30.xml') diff --git a/glsa-200903-30.xml b/glsa-200903-30.xml new file mode 100644 index 00000000..c30604c4 --- /dev/null +++ b/glsa-200903-30.xml @@ -0,0 +1,93 @@ + + + + + + + Opera: Multiple vulnerabilities + + Multiple vulnerabilities were found in Opera, the worst of which allow for + the execution of arbitrary code. + + opera + March 16, 2009 + March 17, 2009: 02 + 247229 + 261032 + remote + + + 9.64 + 9.64 + + + +

+ Opera is a fast web browser that is available free of charge. +

+ + +

+ Multiple vulnerabilities were discovered in Opera: +

+
    +
  • Vitaly McLain reported a heap-based buffer overflow when processing + host names in file:// URLs (CVE-2008-5178).
    • +
  • Alexios Fakos reported a vulnerability in the HTML parsing engine + when processing web pages that trigger an invalid pointer calculation + and heap corruption (CVE-2008-5679).
    • +
  • Red XIII reported that certain text-area contents can be + manipulated to cause a buffer overlow (CVE-2008-5680).
    • +
  • David Bloom discovered that unspecified "scripted URLs" are not + blocked during the feed preview (CVE-2008-5681).
    • +
  • Robert Swiecki of the Google Security Team reported a Cross-site + scripting vulnerability (CVE-2008-5682).
    • +
  • An unspecified vulnerability reveals random data + (CVE-2008-5683).
    • +
  • Tavis Ormandy of the Google Security Team reported a vulnerability + when processing JPEG images that may corrupt memory + (CVE-2009-0914).
    • +
+ + +

+ A remote attacker could entice a user to open a specially crafted JPEG + image to cause a Denial of Service or execute arbitrary code, to + process an overly long file:// URL or to open a specially crafted web + page to execute arbitrary code. He could also read existing + subscriptions and force subscriptions to arbitrary feed URLs, as well + as inject arbitrary web script or HTML via built-in XSLT templates. +

+ + +

+ There is no known workaround at this time. +

+ + +

+ All Opera users should upgrade to the latest version: +

+ + # emerge --sync + # emerge --ask --oneshot --verbose ">=www-client/opera-9.64" + + + CVE-2008-5178 + CVE-2008-5679 + CVE-2008-5680 + CVE-2008-5681 + CVE-2008-5682 + CVE-2008-5683 + CVE-2009-0914 + + + a3li + + + keytoaster + + + p-y + + -- cgit v1.2.3-65-gdbad