what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

Gentoo Linux Security Advisory 201206-03

Gentoo Linux Security Advisory 201206-03
Posted Jun 16, 2012
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201206-3 - Multiple vulnerabilities have been found in Opera, the worst of which allow for the execution of arbitrary code. Versions less than 12.00.1467 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2009-1234, CVE-2009-2059, CVE-2009-2063, CVE-2009-2067, CVE-2009-2070, CVE-2009-3013, CVE-2009-3044, CVE-2009-3045, CVE-2009-3046, CVE-2009-3047, CVE-2009-3048, CVE-2009-3049, CVE-2009-3831, CVE-2009-4071, CVE-2009-4072, CVE-2010-0653, CVE-2010-1349, CVE-2010-1989, CVE-2010-1993, CVE-2010-2121, CVE-2010-2421, CVE-2010-2455, CVE-2010-2576, CVE-2010-2658, CVE-2010-2659, CVE-2010-2660, CVE-2010-2661, CVE-2010-2662
SHA-256 | 079ad6280c37cb6d91d65fb6002a5623aa54386dfebe9b9f4ba42ff6773a4375

Gentoo Linux Security Advisory 201206-03

Change Mirror Download
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory GLSA 201206-03
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Severity: Normal
Title: Opera: Multiple vulnerabilities
Date: June 15, 2012
Bugs: #264831, #283391, #290862, #293902, #294208, #294680,
#308069, #324189, #325199, #326413, #332449, #348874,
#352750, #367837, #373289, #381275, #386217, #387137,
#393395, #409857, #415379, #421075
ID: 201206-03

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Multiple vulnerabilities have been found in Opera, the worst of which
allow for the execution of arbitrary code.

Background
==========

Opera is a fast web browser that is available free of charge.

Affected packages
=================

-------------------------------------------------------------------
Package / Vulnerable / Unaffected
-------------------------------------------------------------------
1 www-client/opera < 12.00.1467 >= 12.00.1467

Description
===========

Multiple vulnerabilities have been discovered in Opera. Please review
the CVE identifiers referenced below for details.

Impact
======

A remote attacker could entice a user to open a specially crafted web
page, possibly resulting in execution of arbitrary code with the
privileges of the process or a Denial of Service condition. A remote
attacker may be able to: trick users into downloading and executing
arbitrary files, bypass intended access restrictions, spoof trusted
content, spoof URLs, bypass the Same Origin Policy, obtain sensitive
information, force subscriptions to arbitrary feeds, bypass the popup
blocker, bypass CSS filtering, conduct cross-site scripting attacks, or
have other unknown impact.

A local attacker could perform symlink attacks to overwrite arbitrary
files with the privileges of the user running the application or
possibly obtain sensitive information.

A physically proximate attacker may be able to access an email account.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All Opera users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=www-client/opera-12.00.1467"

References
==========

[ 1 ] CVE-2009-1234
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1234
[ 2 ] CVE-2009-2059
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2059
[ 3 ] CVE-2009-2063
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2063
[ 4 ] CVE-2009-2067
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2067
[ 5 ] CVE-2009-2070
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2070
[ 6 ] CVE-2009-3013
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3013
[ 7 ] CVE-2009-3044
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3044
[ 8 ] CVE-2009-3045
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3045
[ 9 ] CVE-2009-3046
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3046
[ 10 ] CVE-2009-3047
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3047
[ 11 ] CVE-2009-3048
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3048
[ 12 ] CVE-2009-3049
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3049
[ 13 ] CVE-2009-3831
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3831
[ 14 ] CVE-2009-4071
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-4071
[ 15 ] CVE-2009-4072
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-4072
[ 16 ] CVE-2010-0653
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0653
[ 17 ] CVE-2010-1349
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1349
[ 18 ] CVE-2010-1989
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1989
[ 19 ] CVE-2010-1993
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-1993
[ 20 ] CVE-2010-2121
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2121
[ 21 ] CVE-2010-2421
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2421
[ 22 ] CVE-2010-2455
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2455
[ 23 ] CVE-2010-2576
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2576
[ 24 ] CVE-2010-2658
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2658
[ 25 ] CVE-2010-2659
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2659
[ 26 ] CVE-2010-2660
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2660
[ 27 ] CVE-2010-2661
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2661
[ 28 ] CVE-2010-2662
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2662
[ 29 ] CVE-2010-2663
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2663
[ 30 ] CVE-2010-2664
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2664
[ 31 ] CVE-2010-2665
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-2665
[ 32 ] CVE-2010-3019
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3019
[ 33 ] CVE-2010-3020
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3020
[ 34 ] CVE-2010-3021
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-3021
[ 35 ] CVE-2010-4579
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4579
[ 36 ] CVE-2010-4580
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4580
[ 37 ] CVE-2010-4581
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4581
[ 38 ] CVE-2010-4582
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4582
[ 39 ] CVE-2010-4583
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4583
[ 40 ] CVE-2010-4584
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4584
[ 41 ] CVE-2010-4585
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4585
[ 42 ] CVE-2010-4586
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4586
[ 43 ] CVE-2011-0681
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0681
[ 44 ] CVE-2011-0682
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0682
[ 45 ] CVE-2011-0683
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0683
[ 46 ] CVE-2011-0684
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0684
[ 47 ] CVE-2011-0685
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0685
[ 48 ] CVE-2011-0686
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0686
[ 49 ] CVE-2011-0687
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-0687
[ 50 ] CVE-2011-1337
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1337
[ 51 ] CVE-2011-1824
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-1824
[ 52 ] CVE-2011-2609
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2609
[ 53 ] CVE-2011-2610
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2610
[ 54 ] CVE-2011-2611
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2611
[ 55 ] CVE-2011-2612
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2612
[ 56 ] CVE-2011-2613
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2613
[ 57 ] CVE-2011-2614
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2614
[ 58 ] CVE-2011-2615
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2615
[ 59 ] CVE-2011-2616
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2616
[ 60 ] CVE-2011-2617
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2617
[ 61 ] CVE-2011-2618
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2618
[ 62 ] CVE-2011-2619
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2619
[ 63 ] CVE-2011-2620
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2620
[ 64 ] CVE-2011-2621
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2621
[ 65 ] CVE-2011-2622
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2622
[ 66 ] CVE-2011-2623
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2623
[ 67 ] CVE-2011-2624
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2624
[ 68 ] CVE-2011-2625
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2625
[ 69 ] CVE-2011-2626
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2626
[ 70 ] CVE-2011-2627
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2627
[ 71 ] CVE-2011-2628
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2628
[ 72 ] CVE-2011-2629
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2629
[ 73 ] CVE-2011-2630
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2630
[ 74 ] CVE-2011-2631
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2631
[ 75 ] CVE-2011-2632
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2632
[ 76 ] CVE-2011-2633
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2633
[ 77 ] CVE-2011-2634
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2634
[ 78 ] CVE-2011-2635
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2635
[ 79 ] CVE-2011-2636
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2636
[ 80 ] CVE-2011-2637
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2637
[ 81 ] CVE-2011-2638
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2638
[ 82 ] CVE-2011-2639
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2639
[ 83 ] CVE-2011-2640
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2640
[ 84 ] CVE-2011-2641
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-2641
[ 85 ] CVE-2011-3388
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3388
[ 86 ] CVE-2011-4065
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4065
[ 87 ] CVE-2011-4681
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4681
[ 88 ] CVE-2011-4682
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4682
[ 89 ] CVE-2011-4683
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4683
[ 90 ] CVE-2012-1924
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1924
[ 91 ] CVE-2012-1925
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1925
[ 92 ] CVE-2012-1926
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1926
[ 93 ] CVE-2012-1927
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1927
[ 94 ] CVE-2012-1928
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1928
[ 95 ] CVE-2012-1930
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1930
[ 96 ] CVE-2012-1931
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-1931
[ 97 ] CVE-2012-3555
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3555
[ 98 ] CVE-2012-3556
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3556
[ 99 ] CVE-2012-3557
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3557
[ 100 ] CVE-2012-3558
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3558
[ 101 ] CVE-2012-3560
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3560
[ 102 ] CVE-2012-3561
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-3561

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

http://security.gentoo.org/glsa/glsa-201206-03.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users' machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
https://bugs.gentoo.org.

License
=======

Copyright 2012 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5
Login or Register to add favorites

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close