GLSA Advocate
Joined: 12 May 2004 Posts: 2663
|
Posted: Sun Jun 15, 2014 3:26 am Post subject: [ GLSA 201406-14 ] Opera: Multiple vulnerabilities |
|
|
Gentoo Linux Security Advisory
Title: Opera: Multiple vulnerabilities (GLSA 201406-14)
Severity: normal
Exploitable: local, remote
Date: June 15, 2014
Bug(s): #442044, #444040, #446096, #454654
ID: 201406-14
Synopsis
Multiple vulnerabilities have been found in Opera, the worst of
which may allow remote execution of arbitrary code.
Background
Opera is a fast web browser that is available free of charge.
Affected Packages
Package: www-client/opera
Vulnerable: < 12.13_p1734
Unaffected: >= 12.13_p1734
Architectures: All supported architectures
Description
Multiple vulnerabilities have been discovered in Opera. Please review
the CVE identifiers referenced below for details.
Impact
A remote attacker could entice a user to open a specially crafted web
page using Opera, possibly resulting in execution of arbitrary code with
the privileges of the process or a Denial of Service condition.
Furthermore, a remote attacker may be able to obtain sensitive
information, conduct Cross-Site Scripting (XSS) attacks, or bypass
security restrictions.
A local attacker may be able to obtain sensitive information.
Workaround
There is no known workaround at this time.
Resolution
All Opera users should upgrade to the latest version: Code: | # emerge --sync
# emerge --ask --oneshot --verbose ">=www-client/opera-12.13_p1734"
|
References
CVE-2012-6461
CVE-2012-6462
CVE-2012-6463
CVE-2012-6464
CVE-2012-6465
CVE-2012-6466
CVE-2012-6467
CVE-2012-6468
CVE-2012-6469
CVE-2012-6470
CVE-2012-6471
CVE-2012-6472
CVE-2013-1618
CVE-2013-1637
CVE-2013-1638
CVE-2013-1639 |
|