dcsimg
RealTime IT News

Opera patches browser for history search flaw

opera.jpg
Opera is out with a new browser - Opera 9.62 which patches a pair of highly servere security vulnerabilities.

One of them exploit a flaw in the History Search function - which is an attack vector that I personally have never seen before. According to Opera's advisory:

When certain parameters are passed to Opera's History Search, they can cause content not to be correctly sanitized. This can allow scripts to be injected into the History Search results page. Such scripts can then run with elevated privileges and interact with Opera's configuration, allowing them to execute arbitrary code.

There is also a fix for a more common type of vulnerability too - namely Cross Site Scripting which is something that continues to be what I see as the most commonly reported vulnerability across web browsers and applications.

Comment and Contribute