FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-03-27 18:04:16 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
38daea4f-2851-11e2-9483-14dae938ec40opera -- multiple vulnerabilities

Opera reports:

CORS (Cross-Origin Resource Sharing) allows web pages to retrieve the contents of pages from other sites, with their permission, as they would appear for the current user. When requests are made in this way, the browser should only allow the page content to be retrieved if the target site sends the correct headers that give permission for their contents to be used in this way. Specially crafted requests may trick Opera into thinking that the target site has given permission when it had not done so. This can result in the contents of any target page being revealed to untrusted sites, including any sensitive information or session IDs contained within the source of those pages.

Also reported are vulnerabilities involving SVG graphics and XSS.


Discovery 2012-11-06
Entry 2012-11-06
Modified 2014-04-30
opera
< 12.10

opera-devel
< 12.10

linux-opera
< 12.10

linux-opera-devel
< 12.10

http://www.opera.com/support/kb/view/1030/
http://www.opera.com/support/kb/view/1031/
http://www.opera.com/support/kb/view/1033/
0925716f-34e2-11e2-aa75-003067c2616fopera -- execution of arbitrary code

Opera reports:

When requesting pages using HTTP, Opera temporarily stores the response in a buffer. In some cases, Opera may incorrectly allocate too little space for a buffer, and may then store too much of the response in that buffer. This causes a buffer overflow, which in turn can lead to a memory corruption and crash. It is possible to use this crash to execute the overflowing data as code, which may be controlled by an attacking site.


Discovery 2012-11-19
Entry 2012-11-22
Modified 2014-04-30
opera
< 12.11

opera-devel
< 12.11

linux-opera
< 12.11

linux-opera-devel
< 12.11

http://www.opera.com/support/kb/view/1036/
85f33a8d-492f-11e2-aa75-003067c2616fopera -- execution of arbitrary code

Opera reports:

When loading GIF images into memory, Opera should allocate the correct amount of memory to store that image. Specially crafted image files can cause Opera to allocate the wrong amount of memory. Subsequent data may then overwrite unrelated memory with attacker-controlled data. This can lead to a crash, which may also execute that data as code.


Discovery 2012-12-18
Entry 2012-12-18
Modified 2014-04-30
opera
< 12.12

opera-devel
< 12.12

linux-opera
< 12.12

linux-opera-devel
< 12.12

http://www.opera.com/support/kb/view/1038/
http://www.opera.com/support/kb/view/1039/
ea0f45e2-6c4b-11e2-98d9-003067c2616fopera -- execution of arbitrary code

Opera reports:

Particular DOM event manipulations can cause Opera to crash. In some cases, this crash might occur in a way that allows execution of arbitrary code. To inject code, additional techniques would have to be employed.


Discovery 2013-01-30
Entry 2013-02-01
opera
opera-devel
linux-opera
linux-opera-devel
< 12.13

http://www.opera.com/support/kb/view/1042/
http://www.opera.com/support/kb/view/1043/
cebed39d-9e6f-11e2-b3f5-003067c2616fopera -- moderately severe issue

Opera reports:

Fixed a moderately severe issue, as reported by Attila Suszte.


Discovery 2013-04-04
Entry 2014-04-30
opera
< 12.15

opera-devel
< 12.15

linux-opera
< 12.15

linux-opera-devel
< 12.15

http://www.opera.com/docs/changelogs/unified/1215/
http://www.opera.com/support/kb/view/1046/
http://www.opera.com/support/kb/view/1047/