Opera: Multiple vulnerabilities Multiple vulnerabilities have been found in Opera, the worst of which allow for the execution of arbitrary code. Opera 2012-06-15 2012-06-15 264831 283391 290862 293902 294208 294680 308069 324189 325199 326413 332449 348874 352750 367837 373289 381275 386217 387137 393395 409857 415379 421075 remote 12.00.1467 12.00.1467

Opera is a fast web browser that is available free of charge.

Multiple vulnerabilities have been discovered in Opera. Please review the CVE identifiers referenced below for details.

A remote attacker could entice a user to open a specially crafted web page, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition. A remote attacker may be able to: trick users into downloading and executing arbitrary files, bypass intended access restrictions, spoof trusted content, spoof URLs, bypass the Same Origin Policy, obtain sensitive information, force subscriptions to arbitrary feeds, bypass the popup blocker, bypass CSS filtering, conduct cross-site scripting attacks, or have other unknown impact.

A local attacker could perform symlink attacks to overwrite arbitrary files with the privileges of the user running the application or possibly obtain sensitive information.

A physically proximate attacker may be able to access an email account.

There is no known workaround at this time.

All Opera users should upgrade to the latest version:

# emerge --sync # emerge --ask --oneshot --verbose ">=www-client/opera-12.00.1467" CVE-2009-1234 CVE-2009-2059 CVE-2009-2063 CVE-2009-2067 CVE-2009-2070 CVE-2009-3013 CVE-2009-3044 CVE-2009-3045 CVE-2009-3046 CVE-2009-3047 CVE-2009-3048 CVE-2009-3049 CVE-2009-3831 CVE-2009-4071 CVE-2009-4072 CVE-2010-0653 CVE-2010-1349 CVE-2010-1989 CVE-2010-1993 CVE-2010-2121 CVE-2010-2421 CVE-2010-2455 CVE-2010-2576 CVE-2010-2658 CVE-2010-2659 CVE-2010-2660 CVE-2010-2661 CVE-2010-2662 CVE-2010-2663 CVE-2010-2664 CVE-2010-2665 CVE-2010-3019 CVE-2010-3020 CVE-2010-3021 CVE-2010-4579 CVE-2010-4580 CVE-2010-4581 CVE-2010-4582 CVE-2010-4583 CVE-2010-4584 CVE-2010-4585 CVE-2010-4586 CVE-2011-0681 CVE-2011-0682 CVE-2011-0683 CVE-2011-0684 CVE-2011-0685 CVE-2011-0686 CVE-2011-0687 CVE-2011-1337 CVE-2011-1824 CVE-2011-2609 CVE-2011-2610 CVE-2011-2611 CVE-2011-2612 CVE-2011-2613 CVE-2011-2614 CVE-2011-2615 CVE-2011-2616 CVE-2011-2617 CVE-2011-2618 CVE-2011-2619 CVE-2011-2620 CVE-2011-2621 CVE-2011-2622 CVE-2011-2623 CVE-2011-2624 CVE-2011-2625 CVE-2011-2626 CVE-2011-2627 CVE-2011-2628 CVE-2011-2629 CVE-2011-2630 CVE-2011-2631 CVE-2011-2632 CVE-2011-2633 CVE-2011-2634 CVE-2011-2635 CVE-2011-2636 CVE-2011-2637 CVE-2011-2638 CVE-2011-2639 CVE-2011-2640 CVE-2011-2641 CVE-2011-3388 CVE-2011-4065 CVE-2011-4681 CVE-2011-4682 CVE-2011-4683 CVE-2012-1924 CVE-2012-1925 CVE-2012-1926 CVE-2012-1927 CVE-2012-1928 CVE-2012-1930 CVE-2012-1931 CVE-2012-3555 CVE-2012-3556 CVE-2012-3557 CVE-2012-3558 CVE-2012-3560 CVE-2012-3561 keytoaster craig