diff options
| author | itetcu <itetcu@FreeBSD.org> | 2008-10-10 17:41:09 +0800 |
|---|---|---|
| committer | itetcu <itetcu@FreeBSD.org> | 2008-10-10 17:41:09 +0800 |
| commit | ce5421202bc5b74ee08e4a1fdb9cb80c23c31bc8 (patch) | |
| tree | cd55b9e92889ccb836ceba4ea8865fb11f1318ac /security | |
| parent | 98eef71d7ed0ed09184632a4d5bc7cb58f5d6293 (diff) | |
| download | freebsd-ports-gnome-ce5421202bc5b74ee08e4a1fdb9cb80c23c31bc8.tar.gz freebsd-ports-gnome-ce5421202bc5b74ee08e4a1fdb9cb80c23c31bc8.tar.zst freebsd-ports-gnome-ce5421202bc5b74ee08e4a1fdb9cb80c23c31bc8.zip | |
Add two www/opera vulnarabilities which affect versions <9.60.20081004
PR: ports/127941
Submitted by: Arjan van Leeuwen (opera maintainer)
Diffstat (limited to 'security')
| -rw-r--r-- | security/vuxml/vuln.xml | 38 |
1 files changed, 38 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index 92900fe65c55..c8fa3a5b9776 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -34,6 +34,44 @@ Note: Please add new entries to the beginning of this file. --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> + <vuln vid="fb84d5dd-9528-11dd-9a00-001999392805"> + <topic>opera -- multiple vulnerabilities</topic> + <affects> + <package> + <name>opera</name> + <range><lt>9.60.20081004</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>Opera reports:</p> + <blockquote cite="http://www.opera.com/support/search/view/901/"> + <p>If a malicious page redirects Opera to a specially crafted + address (URL), it can cause Opera to crash. Given sufficient + address content, the crash could cause execution of code + controlled by the attacking page.</p> + </blockquote> + <blockquote cite="http://www.opera.com/support/search/view/902/"> + <p>Once a Java applet has been cached, if a page can predict the + cache path for that applet, it can load the applet from the + cache, causing it to run in the context of the local machine. + This allows it to read other cache files on the computer or + perform other normally more restrictive actions. These files + could contain sensitive information, which could then be sent + to the attacker.</p> + </blockquote> + </body> + </description> + <references> + <url>http://www.opera.com/support/search/view/901/</url> + <url>http://www.opera.com/support/search/view/902/</url> + </references> + <dates> + <discovery>2008-10-04</discovery> + <entry>2008-10-08</entry> + </dates> + </vuln> + <vuln vid="4775c807-8f30-11dd-821f-001cc0377035"> <topic>mysql -- command line client input validation vulnerability</topic> <affects> |