FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  365592
Date:      2014-08-21
Time:      19:46:21Z
Committer: zi

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
38daea4f-2851-11e2-9483-14dae938ec40opera -- multiple vulnerabilities

Opera reports:

CORS (Cross-Origin Resource Sharing) allows web pages to retrieve the contents of pages from other sites, with their permission, as they would appear for the current user. When requests are made in this way, the browser should only allow the page content to be retrieved if the target site sends the correct headers that give permission for their contents to be used in this way. Specially crafted requests may trick Opera into thinking that the target site has given permission when it had not done so. This can result in the contents of any target page being revealed to untrusted sites, including any sensitive information or session IDs contained within the source of those pages.

Also reported are vulnerabilities involving SVG graphics and XSS.


Discovery 2012-11-06
Entry 2012-11-06
Modified 2014-04-30
opera
lt 12.10

opera-devel
lt 12.10

linux-opera
lt 12.10

linux-opera-devel
lt 12.10

http://www.opera.com/support/kb/view/1030/
http://www.opera.com/support/kb/view/1031/
http://www.opera.com/support/kb/view/1033/
0925716f-34e2-11e2-aa75-003067c2616fopera -- execution of arbitrary code

Opera reports:

When requesting pages using HTTP, Opera temporarily stores the response in a buffer. In some cases, Opera may incorrectly allocate too little space for a buffer, and may then store too much of the response in that buffer. This causes a buffer overflow, which in turn can lead to a memory corruption and crash. It is possible to use this crash to execute the overflowing data as code, which may be controlled by an attacking site.


Discovery 2012-11-19
Entry 2012-11-22
Modified 2014-04-30
opera
lt 12.11

opera-devel
lt 12.11

linux-opera
lt 12.11

linux-opera-devel
lt 12.11

http://www.opera.com/support/kb/view/1036/
85f33a8d-492f-11e2-aa75-003067c2616fopera -- execution of arbitrary code

Opera reports:

When loading GIF images into memory, Opera should allocate the correct amount of memory to store that image. Specially crafted image files can cause Opera to allocate the wrong amount of memory. Subsequent data may then overwrite unrelated memory with attacker-controlled data. This can lead to a crash, which may also execute that data as code.


Discovery 2012-12-18
Entry 2012-12-18
Modified 2014-04-30
opera
lt 12.12

opera-devel
lt 12.12

linux-opera
lt 12.12

linux-opera-devel
lt 12.12

http://www.opera.com/support/kb/view/1038/
http://www.opera.com/support/kb/view/1039/