Ernst_42
schläft auf dem Boardsofa
Security Update 7.54u1
Mehrere Schwachstellen behoben...
aus dem Security Advisory von Opera:
* Named frames or windows can be hi-jacked by malicious frames or windows.
* Periods in the file name and non-breaking spaces in the Content-Type header can make the save/open dialog misleading. A user may be convinced that an executable file is something else, for example a PDF document.
* Applets have access to sun.* packages
* Liveconnect: com.opera.EcmascriptObject constructor is accessible to Java
* Liveconnect reveals the path to the user's home directory. This can make other vulnerabilities easier to exploit.
Mahlzeit und fröhliches Apdäiten...
Mehrere Schwachstellen behoben...
aus dem Security Advisory von Opera:
* Named frames or windows can be hi-jacked by malicious frames or windows.
* Periods in the file name and non-breaking spaces in the Content-Type header can make the save/open dialog misleading. A user may be convinced that an executable file is something else, for example a PDF document.
* Applets have access to sun.* packages
* Liveconnect: com.opera.EcmascriptObject constructor is accessible to Java
* Liveconnect reveals the path to the user's home directory. This can make other vulnerabilities easier to exploit.
Mahlzeit und fröhliches Apdäiten...