- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                           GLSA 201206-03
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                            https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

 Severity: Normal
    Title: Opera: Multiple vulnerabilities
     Date: June 15, 2012
     Bugs: #264831, #283391, #290862, #293902, #294208, #294680,
           #308069, #324189, #325199, #326413, #332449, #348874,
           #352750, #367837, #373289, #381275, #386217, #387137,
           #393395, #409857, #415379, #421075
       ID: 201206-03

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
=======
Multiple vulnerabilities have been found in Opera, the worst of which
allow for the execution of arbitrary code.

Background
=========
Opera is a fast web browser that is available free of charge.

Affected packages
================
    -------------------------------------------------------------------
     Package              /     Vulnerable     /            Unaffected
    -------------------------------------------------------------------
  1  www-client/opera           < 12.00.1467            >= 12.00.1467

Description
==========
Multiple vulnerabilities have been discovered in Opera. Please review
the CVE identifiers referenced below for details.

Impact
=====
A remote attacker could entice a user to open a specially crafted web
page, possibly resulting in execution of arbitrary code with the
privileges of the process or a Denial of Service condition. A remote
attacker may be able to: trick users into downloading and executing
arbitrary files, bypass intended access restrictions, spoof trusted
content, spoof URLs, bypass the Same Origin Policy, obtain sensitive
information, force subscriptions to arbitrary feeds, bypass the popup
blocker, bypass CSS filtering, conduct cross-site scripting attacks, or
have other unknown impact.

A local attacker could perform symlink attacks to overwrite arbitrary
files with the privileges of the user running the application or
possibly obtain sensitive information.

A physically proximate attacker may be able to access an email account.

Workaround
=========
There is no known workaround at this time.

Resolution
=========
All Opera users should upgrade to the latest version:

  # emerge --sync
  # emerge --ask --oneshot --verbose ">=www-client/opera-12.00.1467"

References
=========
[   1 ] CVE-2009-1234
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1234
[   2 ] CVE-2009-2059
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2059
[   3 ] CVE-2009-2063
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2063
[   4 ] CVE-2009-2067
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2067
[   5 ] CVE-2009-2070
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2070
[   6 ] CVE-2009-3013
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3013
[   7 ] CVE-2009-3044
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3044
[   8 ] CVE-2009-3045
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3045
[   9 ] CVE-2009-3046
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3046
[  10 ] CVE-2009-3047
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3047
[  11 ] CVE-2009-3048
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3048
[  12 ] CVE-2009-3049
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3049
[  13 ] CVE-2009-3831
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3831
[  14 ] CVE-2009-4071
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-4071
[  15 ] CVE-2009-4072
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-4072
[  16 ] CVE-2010-0653
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0653
[  17 ] CVE-2010-1349
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1349
[  18 ] CVE-2010-1989
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1989
[  19 ] CVE-2010-1993
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1993
[  20 ] CVE-2010-2121
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2121
[  21 ] CVE-2010-2421
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2421
[  22 ] CVE-2010-2455
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2455
[  23 ] CVE-2010-2576
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2576
[  24 ] CVE-2010-2658
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2658
[  25 ] CVE-2010-2659
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2659
[  26 ] CVE-2010-2660
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2660
[  27 ] CVE-2010-2661
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2661
[  28 ] CVE-2010-2662
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2662
[  29 ] CVE-2010-2663
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2663
[  30 ] CVE-2010-2664
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2664
[  31 ] CVE-2010-2665
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2665
[  32 ] CVE-2010-3019
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3019
[  33 ] CVE-2010-3020
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3020
[  34 ] CVE-2010-3021
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3021
[  35 ] CVE-2010-4579
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4579
[  36 ] CVE-2010-4580
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4580
[  37 ] CVE-2010-4581
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4581
[  38 ] CVE-2010-4582
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4582
[  39 ] CVE-2010-4583
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4583
[  40 ] CVE-2010-4584
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4584
[  41 ] CVE-2010-4585
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4585
[  42 ] CVE-2010-4586
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4586
[  43 ] CVE-2011-0681
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0681
[  44 ] CVE-2011-0682
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0682
[  45 ] CVE-2011-0683
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0683
[  46 ] CVE-2011-0684
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0684
[  47 ] CVE-2011-0685
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0685
[  48 ] CVE-2011-0686
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0686
[  49 ] CVE-2011-0687
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0687
[  50 ] CVE-2011-1337
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1337
[  51 ] CVE-2011-1824
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1824
[  52 ] CVE-2011-2609
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2609
[  53 ] CVE-2011-2610
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2610
[  54 ] CVE-2011-2611
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2611
[  55 ] CVE-2011-2612
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2612
[  56 ] CVE-2011-2613
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2613
[  57 ] CVE-2011-2614
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2614
[  58 ] CVE-2011-2615
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2615
[  59 ] CVE-2011-2616
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2616
[  60 ] CVE-2011-2617
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2617
[  61 ] CVE-2011-2618
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2618
[  62 ] CVE-2011-2619
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2619
[  63 ] CVE-2011-2620
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2620
[  64 ] CVE-2011-2621
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2621
[  65 ] CVE-2011-2622
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2622
[  66 ] CVE-2011-2623
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2623
[  67 ] CVE-2011-2624
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2624
[  68 ] CVE-2011-2625
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2625
[  69 ] CVE-2011-2626
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2626
[  70 ] CVE-2011-2627
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2627
[  71 ] CVE-2011-2628
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2628
[  72 ] CVE-2011-2629
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2629
[  73 ] CVE-2011-2630
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2630
[  74 ] CVE-2011-2631
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2631
[  75 ] CVE-2011-2632
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2632
[  76 ] CVE-2011-2633
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2633
[  77 ] CVE-2011-2634
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2634
[  78 ] CVE-2011-2635
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2635
[  79 ] CVE-2011-2636
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2636
[  80 ] CVE-2011-2637
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2637
[  81 ] CVE-2011-2638
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2638
[  82 ] CVE-2011-2639
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2639
[  83 ] CVE-2011-2640
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2640
[  84 ] CVE-2011-2641
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2641
[  85 ] CVE-2011-3388
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3388
[  86 ] CVE-2011-4065
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4065
[  87 ] CVE-2011-4681
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4681
[  88 ] CVE-2011-4682
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4682
[  89 ] CVE-2011-4683
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4683
[  90 ] CVE-2012-1924
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1924
[  91 ] CVE-2012-1925
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1925
[  92 ] CVE-2012-1926
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1926
[  93 ] CVE-2012-1927
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1927
[  94 ] CVE-2012-1928
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1928
[  95 ] CVE-2012-1930
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1930
[  96 ] CVE-2012-1931
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1931
[  97 ] CVE-2012-3555
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3555
[  98 ] CVE-2012-3556
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3556
[  99 ] CVE-2012-3557
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3557
[ 100 ] CVE-2012-3558
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3558
[ 101 ] CVE-2012-3560
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3560
[ 102 ] CVE-2012-3561
        http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3561

Availability
===========
This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

 https://security.gentoo.org/glsa/201206-03

Concerns?
========
Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.

License
======
Copyright 2012 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5/

Gentoo: GLSA-201206-03: Opera: Multiple vulnerabilities

Multiple vulnerabilities have been found in Opera, the worst of which allow for the execution of arbitrary code.

Summary

Multiple vulnerabilities have been discovered in Opera. Please review the CVE identifiers referenced below for details.

Resolution

All Opera users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=www-client/opera-12.00.1467"

References

[ 1 ] CVE-2009-1234 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1234 [ 2 ] CVE-2009-2059 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2059 [ 3 ] CVE-2009-2063 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2063 [ 4 ] CVE-2009-2067 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2067 [ 5 ] CVE-2009-2070 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2070 [ 6 ] CVE-2009-3013 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3013 [ 7 ] CVE-2009-3044 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3044 [ 8 ] CVE-2009-3045 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3045 [ 9 ] CVE-2009-3046 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3046 [ 10 ] CVE-2009-3047 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3047 [ 11 ] CVE-2009-3048 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3048 [ 12 ] CVE-2009-3049 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3049 [ 13 ] CVE-2009-3831 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3831 [ 14 ] CVE-2009-4071 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-4071 [ 15 ] CVE-2009-4072 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-4072 [ 16 ] CVE-2010-0653 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0653 [ 17 ] CVE-2010-1349 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1349 [ 18 ] CVE-2010-1989 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1989 [ 19 ] CVE-2010-1993 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1993 [ 20 ] CVE-2010-2121 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2121 [ 21 ] CVE-2010-2421 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2421 [ 22 ] CVE-2010-2455 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2455 [ 23 ] CVE-2010-2576 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2576 [ 24 ] CVE-2010-2658 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2658 [ 25 ] CVE-2010-2659 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2659 [ 26 ] CVE-2010-2660 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2660 [ 27 ] CVE-2010-2661 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2661 [ 28 ] CVE-2010-2662 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2662 [ 29 ] CVE-2010-2663 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2663 [ 30 ] CVE-2010-2664 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2664 [ 31 ] CVE-2010-2665 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2665 [ 32 ] CVE-2010-3019 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3019 [ 33 ] CVE-2010-3020 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3020 [ 34 ] CVE-2010-3021 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3021 [ 35 ] CVE-2010-4579 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4579 [ 36 ] CVE-2010-4580 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4580 [ 37 ] CVE-2010-4581 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4581 [ 38 ] CVE-2010-4582 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4582 [ 39 ] CVE-2010-4583 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4583 [ 40 ] CVE-2010-4584 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4584 [ 41 ] CVE-2010-4585 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4585 [ 42 ] CVE-2010-4586 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4586 [ 43 ] CVE-2011-0681 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0681 [ 44 ] CVE-2011-0682 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0682 [ 45 ] CVE-2011-0683 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0683 [ 46 ] CVE-2011-0684 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0684 [ 47 ] CVE-2011-0685 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0685 [ 48 ] CVE-2011-0686 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0686 [ 49 ] CVE-2011-0687 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0687 [ 50 ] CVE-2011-1337 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1337 [ 51 ] CVE-2011-1824 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1824 [ 52 ] CVE-2011-2609 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2609 [ 53 ] CVE-2011-2610 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2610 [ 54 ] CVE-2011-2611 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2611 [ 55 ] CVE-2011-2612 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2612 [ 56 ] CVE-2011-2613 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2613 [ 57 ] CVE-2011-2614 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2614 [ 58 ] CVE-2011-2615 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2615 [ 59 ] CVE-2011-2616 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2616 [ 60 ] CVE-2011-2617 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2617 [ 61 ] CVE-2011-2618 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2618 [ 62 ] CVE-2011-2619 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2619 [ 63 ] CVE-2011-2620 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2620 [ 64 ] CVE-2011-2621 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2621 [ 65 ] CVE-2011-2622 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2622 [ 66 ] CVE-2011-2623 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2623 [ 67 ] CVE-2011-2624 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2624 [ 68 ] CVE-2011-2625 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2625 [ 69 ] CVE-2011-2626 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2626 [ 70 ] CVE-2011-2627 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2627 [ 71 ] CVE-2011-2628 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2628 [ 72 ] CVE-2011-2629 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2629 [ 73 ] CVE-2011-2630 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2630 [ 74 ] CVE-2011-2631 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2631 [ 75 ] CVE-2011-2632 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2632 [ 76 ] CVE-2011-2633 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2633 [ 77 ] CVE-2011-2634 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2634 [ 78 ] CVE-2011-2635 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2635 [ 79 ] CVE-2011-2636 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2636 [ 80 ] CVE-2011-2637 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2637 [ 81 ] CVE-2011-2638 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2638 [ 82 ] CVE-2011-2639 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2639 [ 83 ] CVE-2011-2640 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2640 [ 84 ] CVE-2011-2641 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2641 [ 85 ] CVE-2011-3388 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3388 [ 86 ] CVE-2011-4065 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4065 [ 87 ] CVE-2011-4681 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4681 [ 88 ] CVE-2011-4682 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4682 [ 89 ] CVE-2011-4683 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4683 [ 90 ] CVE-2012-1924 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1924 [ 91 ] CVE-2012-1925 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1925 [ 92 ] CVE-2012-1926 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1926 [ 93 ] CVE-2012-1927 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1927 [ 94 ] CVE-2012-1928 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1928 [ 95 ] CVE-2012-1930 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1930 [ 96 ] CVE-2012-1931 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1931 [ 97 ] CVE-2012-3555 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3555 [ 98 ] CVE-2012-3556 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3556 [ 99 ] CVE-2012-3557 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3557 [ 100 ] CVE-2012-3558 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3558 [ 101 ] CVE-2012-3560 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3560 [ 102 ] CVE-2012-3561 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3561

Availability

This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/201206-03

Concerns

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.

Severity
Severity: Normal
Title: Opera: Multiple vulnerabilities
Date: June 15, 2012
Bugs: #264831, #283391, #290862, #293902, #294208, #294680,
ID: 201206-03

Synopsis

Multiple vulnerabilities have been found in Opera, the worst of which allow for the execution of arbitrary code.

Background

Opera is a fast web browser that is available free of charge.

Affected Packages

------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 www-client/opera < 12.00.1467 >= 12.00.1467

Impact

===== A remote attacker could entice a user to open a specially crafted web page, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition. A remote attacker may be able to: trick users into downloading and executing arbitrary files, bypass intended access restrictions, spoof trusted content, spoof URLs, bypass the Same Origin Policy, obtain sensitive information, force subscriptions to arbitrary feeds, bypass the popup blocker, bypass CSS filtering, conduct cross-site scripting attacks, or have other unknown impact. A local attacker could perform symlink attacks to overwrite arbitrary files with the privileges of the user running the application or possibly obtain sensitive information.
A physically proximate attacker may be able to access an email account.

Workaround

There is no known workaround at this time.

Related News

Linux Mint 22: Elevating Security and Usability for Admins
3 - 5 min read
Linux Mint has has long been recognized as a versatile and user-friendly distribution and has earned great popularity among administrators and
Exim 4.98 Addresses Critical Vulnerabilities, Bolsters Email Server Security
2 - 4 min read
Exim is one of Unix-like systems' most widely used mail transfer agents. It's essential for email delivery and handling and is a significant part of
Recent OpenSSH RCE Bug Explained: Impact & Mitigations
2 - 4 min read
In an era where cybersecurity threats loom larger than ever, the discovery of a Remote Code Execution (RCE) vulnerability in OpenSSH by Qualys’
CVE-2024-4577: A Swiftly Weaponized Vulnerability for Ransomware Distribution
2 - 4 min read
Security researchers recently issued an update detailing how attackers are exploiting a PHP code execution vulnerability to spread TellYouThePass
Play Ransomware Group Unleashes New Threat on ESXi Environments: Analysis & Mitigation Strategies
3 - 5 min read
The Play ransomware group, well-known for its double-extortion tactics, recently unveiled a Linux variant targeting ESXi environments. This
Critical Linux Kernel Vulnerabilities Patched in Ubuntu Azure Systems
2 - 4 min read
Canonical has fixed several recently identified critical Linux kernel vulnerabilities in July 2024. These vulnerabilities primarily affect Microsoft
The Urgent Need for Secure Software Development: New Report Serves as a Wake-Up Call for the Industry
3 - 5 min read
The Linux Foundation and Open Source Security Foundation recently published a report entitled "Secure Software Development Education 2024
Severe Linux Kernel Privilege Escalation Bugs Could Compromise Entire Systems
2 - 4 min read
The Cybersecurity and Infrastructure Security Agency (CISA) recently added a new Linux kernel privilege escalation bug ( CVE-2024-1086 ) to its

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved