Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 409857 - <www-client/opera-11.62.1347-r1: multiple vulnerabilities (CVE-2012-{1924,1925,1926,1927,1928,1930,1931})
Summary: <www-client/opera-11.62.1347-r1: multiple vulnerabilities (CVE-2012-{1924,192...
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal
Assignee: Gentoo Security
Whiteboard: B2 [glsa]
Depends on:
Reported: 2012-03-27 12:16 UTC by Jeroen Roovers (RETIRED)
Modified: 2012-06-15 17:41 UTC (History)
0 users

See Also:
Package list:
Runtime testing required: ---


Note You need to log in before you can comment on or make changes to this bug.
Description Jeroen Roovers (RETIRED) gentoo-dev 2012-03-27 12:16:49 UTC
- Fixed an issue where small windows could be used to trick users into
   executing downloads, as reported by Jordi Chancel; see our advisory[1]
 - Fixed an issue where overlapping content could trick users into executing
   downloads, as reported by Jordi Chancel; see our advisory[2]
 - Fixed a printing issue which could allow data leaks to other system users,
   or allow them to corrupt data, as reported by Christof Meerwald; see our
 - Fixed an issue where history.state could leak the state data from cross
   domain pages; see our advisory[4]
 - Fixed an issue which could allow web page dialogs to display the wrong
   address in the address field; see our advisory[5]
 - Fixed an issue where carefully timed reloads and redirects could spoof the
   address field, as reported by Jordi Chancel; see our advisory[6]


Arch teams, please test and mark stable:
Target KEYWORDS="amd64 x86"
Comment 1 Jeroen Roovers (RETIRED) gentoo-dev 2012-03-27 12:44:06 UTC

Arch teams, please test and mark stable:
Target KEYWORDS="amd64 x86"
Comment 2 Elijah "Armageddon" El Lazkani (amd64 AT) 2012-03-28 06:46:09 UTC
amd64: pass
Comment 3 Agostino Sarubbo gentoo-dev 2012-03-28 09:57:39 UTC
amd64 stable
Comment 4 GLSAMaker/CVETool Bot gentoo-dev 2012-03-28 11:14:19 UTC
CVE-2012-1931 (
  Opera before 11.62 on UNIX, when used in conjunction with an unspecified
  printing application, allows local users to overwrite arbitrary files via a
  symlink attack on a temporary file during printing.

CVE-2012-1930 (
  Opera before 11.62 on UNIX uses world-readable permissions for temporary
  files during printing, which allows local users to obtain sensitive
  information by reading these files.

CVE-2012-1928 (
  Opera before 11.62 allows remote attackers to spoof the address field by
  triggering a page reload followed by a redirect to a different domain.

CVE-2012-1927 (
  Opera before 11.62 allows remote attackers to spoof the address field by
  triggering the launch of a dialog window associated with a different domain.

CVE-2012-1926 (
  Opera before 11.62 allows remote attackers to bypass the Same Origin Policy
  via the (1) history.pushState and (2) history.replaceState functions in
  conjunction with cross-domain frames, leading to unintended read access to
  history.state information.

CVE-2012-1925 (
  Opera before 11.62 does not ensure that a dialog window is placed on top of
  content windows, which makes it easier for user-assisted remote attackers to
  trick users into downloading and executing arbitrary files via a download
  dialog located under other windows.

CVE-2012-1924 (
  Opera before 11.62 allows user-assisted remote attackers to trick users into
  downloading and executing arbitrary files via a small window for the
  download dialog.
Comment 5 Andreas Schürch gentoo-dev 2012-04-03 19:58:39 UTC
X86 stable, thanks!
Comment 6 Andreas Schürch gentoo-dev 2012-04-03 20:00:05 UTC
Ooops, its security, so reopening!! sorry for the bugspam!
Comment 7 Sean Amoss (RETIRED) gentoo-dev Security 2012-04-03 20:16:44 UTC
Thanks, everyone. GLSA request is ready for review.
Comment 8 GLSAMaker/CVETool Bot gentoo-dev 2012-06-15 17:41:33 UTC
This issue was resolved and addressed in
 GLSA 201206-03 at
by GLSA coordinator Sean Amoss (ackle).