CVE-2008-3172 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3172): Opera allows web sites to set cookies for country-specific top-level domains that have DNS A records, such as co.tv, which could allow remote attackers to perform a session fixation attack and hijack a user's HTTP session, aka "Cross-Site Cooking."
I feel a 9.52 coming soonish. :)
The URL's Security doesn't appear to cover this one, but feel free to check it. One issue has not been disclosed yet. If none of these are relevant to this bug report, then we shall have to open a new bug report to cover those, I guess. * Sites can no longer change framed content on other sites: see our advisory[1] * Fixed an issue that could allow cross-site scripting, as reported by Chris Weber of Casaba Security: details will be disclosed at a later date * Custom shortcuts no longer pass the wrong parameters to applications, as reported by Michael A. Puls II: see our advisory[2] * Prevented insecure pages from showing incorrect security information, as reported by Lars Kleinschmidt: see our advisory[3] * Feed links can no longer link to local files: see our advisory[4] * Feed subscription can no longer cause the wrong page address to be displayed: see our advisory[5] [1] http://www.opera.com/support/search/view/893/ [2] http://www.opera.com/support/search/view/894/ [3] http://www.opera.com/support/search/view/895/ [4] http://www.opera.com/support/search/view/896/ [5] http://www.opera.com/support/search/view/897/
The Opera 9.52 changelog [1] doesn't appear to cover this particular vulnerability. Moreover, I haven't seen a test case for it, and the information appears to be second hand - Mozilla developers appear to be talking about how Opera solved the top-level domain issue and that they aren't satisfied with that approach. I don't see any disclosure of how Opera handles that now. [1] http://www.opera.com/docs/changelogs/linux/952/
This seems to still be unfixed in Opera. Not sure how to proceed.
Still no confirmation it has been fixed but here are additional links regarding the matter: https://bugzilla.mozilla.org/show_bug.cgi?id=385299 https://bugzilla.mozilla.org/show_bug.cgi?id=252342
RESOLVED FIXED in mozilla1.9beta2 from upstream.
(In reply to Aaron Bauman from comment #6) > RESOLVED FIXED in mozilla1.9beta2 from upstream. Mozilla fixed Opera?