Opera Mail Client Attachment Spoofing and Script Insertion

Started by Corrine, September 27, 2005, 03:43:30 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Corrine

QuoteSecunia Research has discovered two vulnerabilities in the Opera Mail client, which can be exploited by a malicious person to conduct script insertion attacks and to spoof the name of attached files.

http://secunia.com/advisories/16645/


Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

Jason

The Secunia advisory has recently been updated and according to information from the vendor this issue can be solved by updating to
Opera version 8.50.
The vulnerabilities have been confirmed in Opera version 8.02, and prior versions may also be vulnerable.

Jason ;)
In a perfect world, spammers would get caught, go to jail, and share a cell with many men who have enlarged something, taken Viagra and are looking for a new relationship.