Opera Users - Update to 7.54
http://www.greymagic.com/security/advisories/gm008-op/
Quote:
Introduction:
On 04-Feb-2003 GreyMagic released an advisory concerning Opera's security model in v7.0. The advisory depicted several flaws in Opera's model, one of which allowed an attacker to overwrite native and custom functions in a victim window. When the victim web-page executed such a function, the attacker's code executed with the victim's privileges.
Opera tried to prevent such scenarios in Opera 7.01, by blocking write-access to objects on the victim window.
Discussion:
Unfortunately, Opera failed to block write-access to the often-used "location" object.
By overwriting methods in this object, an attacker can gain immediate script access to any web-page that uses one of these methods. This includes both web-pages in foreign domains and the victim's local file system.
The impacts of this vulnerability include:
- Read-access to files on the victim's file system
- Read-access to lists of files and folders on the victim's file system
- Read-access to emails written or received by M2, Opera's mail program
- Cookie theft
- URL spoofing (phishing)
- Track user browsing history
- Much more...
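
A simplified model of the write-access gap described in the quoted advisory, added here as an example; it is not GreyMagic's or Opera's code. The `guard` and `simulate` functions, the `victim.example` and `other.example` origins, and the choice of `location.assign` as the overwritten method are assumptions made for illustration.

```javascript
// Simplified model (constructed for illustration, not Opera's code) of a
// cross-window write guard. `exempt` lists property names whose objects are
// handed out unguarded, modelling the gap the advisory describes.
function guard(target, ownerOrigin, getCaller, exempt = []) {
  return new Proxy(target, {
    get(obj, prop) {
      const value = obj[prop];
      const nested = value !== null && typeof value === "object";
      if (nested && !exempt.includes(prop)) return guard(value, ownerOrigin, getCaller, exempt);
      return value; // primitives, functions and exempt objects are returned as-is
    },
    set(obj, prop, value) {
      if (getCaller() !== ownerOrigin) {
        throw new Error(`cross-origin write to "${String(prop)}" blocked`);
      }
      obj[prop] = value;
      return true;
    },
  });
}

// One scenario: a foreign page tries to replace a location method on the victim window.
function simulate(exempt) {
  let caller = "https://victim.example";
  const log = [];
  const victim = { location: { assign(url) { log.push(`victim navigates to ${url}`); } } };
  const handle = guard(victim, "https://victim.example", () => caller, exempt);

  caller = "https://other.example"; // the foreign page now uses the handle
  let blocked = false;
  try {
    handle.location.assign = () => log.push("foreign function ran in victim context");
  } catch (e) {
    blocked = true;
  }

  caller = "https://victim.example"; // the victim page calls its own method
  victim.location.assign("/home");
  return { blocked, log };
}

console.log(simulate(["location"])); // guard with the "location" gap: write succeeds
console.log(simulate([]));           // guard applied to every object: write rejected
```

The second call shows the design point: a guard that enumerates which objects to protect fails open for anything left off the list, while one applied uniformly to every object reachable from the window does not.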