Impact
web page spoofing, address misrepresenting
Solution
Please Install the Updated Packages.
Insight
The Opera web browser was brought to security update level 9.50
Following security problems were fixed:
CVE-2008-2714: Opera before 9.26 allows remote attackers to misrepresent web page addresses using "
certain characters"
that
"
cause the page address text to be misplaced."
CVE-2008-2715: Unspecified vulnerability in Opera before 9.5 allows remote attackers to read cross-domain images via HTML CANVAS elements that use the images as patterns.
CVE-2008-2716: Unspecified vulnerability in Opera before 9.5 allows remote attackers to spoof the contents of trusted frames on the same parent page by modifying the location, which can facilitate phishing attacks.
Opera 9.50 also contains lots of new features and other bugfixes, see the Changelog at:
http://www.opera.com/docs/changelogs/linux/950/
Affected
opera on openSUSE 10.2, openSUSE 10.3, openSUSE 11.0
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2008-2714, CVE-2008-2715, CVE-2008-2716 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:P/A:N
Related Vulnerabilities