Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 202770 (CVE-2007-6520)

Summary: www-client/opera < 9.25 Multiple vulnerabilities (CVE-2007-{6520,6521,6522,6524})
Product: Gentoo Security Reporter: ollonois <ollonois>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: normal CC: jer
Priority: High    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: http://www.opera.com/docs/changelogs/linux/925/
Whiteboard: B2 [glsa]
Package list:
Runtime testing required: ---

Description ollonois 2007-12-19 11:38:10 UTC
Security

    * Fixed an issue where plug-ins could be used to allow cross domain scripting, as reported by David Bloom. Details will be disclosed at a later date.
    * Fixed an issue with TLS certificates that could be used to execute arbitrary code, as reported by Alexander Klink (Cynops GmbH). Details will be disclosed at a later date.
    * Rich text editing can no longer be used to allow cross domain scripting, as reported by David Bloom. See our advisory.
    * Prevented bitmaps from revealing random data from memory, as reported by Gynvael Coldwind. Details will be disclosed at a later date.

Reproducible: Always
Comment 1 Robert Buchholz (RETIRED) gentoo-dev 2007-12-19 12:51:33 UTC
Thanks for reporting this to us, ollonois.

Jeroen, please advise.
Comment 2 Jeroen Roovers gentoo-dev 2007-12-19 14:51:11 UTC
www-client/opera-9.25 is in CVS.
Comment 3 Robert Buchholz (RETIRED) gentoo-dev 2007-12-19 22:21:53 UTC
Arches, please test and mark stable www-client/opera-9.25.
Target keywords : "amd64 ppc sparc x86"
Comment 4 Christian Faulhammer (RETIRED) gentoo-dev 2007-12-20 07:24:04 UTC
x86 stable
Comment 5 Ferris McCormick (RETIRED) gentoo-dev 2007-12-20 13:38:51 UTC
Stable for sparc.  Appears to work fine.
Comment 6 Tobias Scherbaum (RETIRED) gentoo-dev 2007-12-21 12:58:12 UTC
ppc stable
Comment 7 Peter Weller (RETIRED) gentoo-dev 2007-12-22 12:42:08 UTC
amd64 stable
Comment 8 Tobias Heinlein (RETIRED) gentoo-dev 2007-12-22 12:47:15 UTC
All arches done, GLSA request filed.
Comment 9 Robert Buchholz (RETIRED) gentoo-dev 2007-12-24 23:51:35 UTC
CVE ids were assigned as follows:

CVE-2007-6520:
  Opera before 9.25 allows remote attackers to conduct cross-domain
  scripting attacks via unknown vectors related to plug-ins.

CVE-2007-6521
  Unspecified vulnerability in Opera before 9.25 allows remote attackers
  to execute arbitrary code via crafted TLS certificates.

CVE-2007-6522
  The rich text editing functionality in Opera before 9.25 allows remote
  attackers to conduct cross-domain scripting attacks by using
  designMode to modify contents of pages in other domains.

CVE-2007-6524
  Opera before 9.25 allows remote attackers to obtain potentially
  sensitive memory contents via a crafted bitmap (BMP) file.
Comment 10 Pierre-Yves Rofes (RETIRED) gentoo-dev 2007-12-30 17:23:29 UTC
GLSA 200712-22