homepage Welcome to WebmasterWorld Guest from 54.163.70.249
register, free tools, login, search, pro membership, help, library, announcements, recent posts, open posts,
Become a Pro Member
Home / Forums Index / Browsers / Opera Browser Usage and Support
Forum Library, Charter, Moderator: open

Opera Browser Usage and Support Forum

    
Security upgrade for Opera
RammsteinNicCage




msg:1585142
 5:35 pm on Dec 13, 2004 (gmt 0)

The upgrade (7.54u1) can be downloaded from here: [arc.opera.com...]

From [opera.com...]
Platform: All platforms

Opera security advisory
- Named frames or windows can be hi-jacked by malicious frames or windows.
- Periods in the file name and non-breaking spaces in the Content-Type header can make the save/open dialog misleading. A user may be convinced that an executable file is something else, for example a PDF document.
- Applets have access to sun.* packages
- Liveconnect: com.opera.EcmascriptObject constructor is accessible to Java
- Liveconnect reveals the path to the user's home directory. This can make other vulnerabilities easier to exploit.

Severity: Moderate/high

Vulnerable versions of Opera
7.54 and earlier

Apparently the beta 7.60p4 they have out is also partially vulnerable to this.

Jennifer

 

tedster




msg:1585143
 6:51 pm on Dec 13, 2004 (gmt 0)

It sounds like a fix for the "all browsers" security problem reported last week:

[webmasterworld.com...]

If so, that would make Opera the first to fix, afaik.

bill




msg:1585144
 4:28 am on Dec 14, 2004 (gmt 0)

Thanks for the reminder Jennifer. I just wanted to bump this back up to the top for the Opera users out there.

Make sure that you download the 7.54u1 version, and that you check your version in opera:about to make sure you've got the latest version. Currently the Opera download page only has the Opera 7.54 Security Update listed in the right-hand column. The rest of the download sites have yet to be updated.

bumpaw




msg:1585145
 4:31 am on Dec 14, 2004 (gmt 0)

[arc.opera.com...] is not showing a download for me. Maybe it's a temporary thing.

tedster




msg:1585146
 4:34 am on Dec 14, 2004 (gmt 0)

The full link for the Windows download (without java) is:

[arc.opera.com...]

If you want the java, it's:

[arc.opera.com...]

Hester




msg:1585147
 9:25 am on Dec 14, 2004 (gmt 0)

I read that to cure Preview 4 would cause problems at this stage, so there'll probably be a Preview 5 later. That version is still being worked on quite a bit. (It's not advisable to use it for everyday work.)

Once again, the upgrade to 7.54 has proved how Opera and others like Firefox take security seriously, bringing a patch out almost instantly. It'll be weeks if not months before Microsoft get round to theirs, won't it? I know which browser I trust... it begins with O.

Global Options:
 top home search open messages active posts  
 

Home / Forums Index / Browsers / Opera Browser Usage and Support
rss feed

All trademarks and copyrights held by respective owners. Member comments are owned by the poster.
Home ¦ Free Tools ¦ Terms of Service ¦ Privacy Policy ¦ Report Problem ¦ About ¦ Library ¦ Newsletter
WebmasterWorld is a Developer Shed Community owned by Jim Boykin.
© Webmaster World 1996-2014 all rights reserved