Threat Level: green Handler on Duty: Yee Ching Tok

SANS ISC: Opera 9.6.3 released with security fixes - SANS Internet Storm Center SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms:

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Opera 9.6.3 released with security fixes

Is this browser patch day?
We have a patch coming out for IE today.
Firefox released an upgrade yesterday that addressed several security issues
Opera has released a new version to address security issues.
Opera 9.63 was just released. It addresses the following security issues.
Manipulating text input contents can allow execution of arbitrary code, as reported by Red XIII.
HTML parsing flaw can cause Opera to execute arbitrary code, as reported by Alexios Fakos.
Long hostnames in file: URLs can cause execution of arbitrary code, as reported by Vitaly McLain.
Script injection in feed preview can reveal contents of unrelated news feeds, as reported by David Bloom.
Built-in XSLT templates can allow cross-site scripting, as reported by Robert Swiecki of the Google Security Team.
Fixed an issue that could reveal random data, as reported by Matthew of Hispasec Sistemas.
SVG images embedded using <img> tags can no longer execute Java or plugin content, suggested by Chris Evans


206 Posts
Dec 17th 2008

Sign Up for Free or Log In to start participating in the conversation!