CVE-2009-2351 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2351): Opera 9.52 and earlier does not block javascript: URIs in Refresh headers in HTTP responses, which allows remote attackers to conduct cross-site scripting (XSS) attacks via vectors related to (1) injecting a Refresh header or (2) specifying the content of a Refresh header, a related issue to CVE-2009-1312.
jer, is this fixed in the newest in-tree version? From http://downloads.securityfocus.com/vulnerabilities/exploits/mustlive-browser.txt: With request to script at web site: http://www.example.com/script.php?param=javascript:alert(document.cookie) Which returns in answer the refresh header: refresh: 0; URL=javascript:alert(document.cookie)
CVE-2009-3269 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3269): Opera 9.52 and earlier allows remote attackers to cause a denial of service (CPU consumption) via a series of automatic submissions of a form containing a KEYGEN element, a related issue to CVE-2009-1828.
Vulnerable versions are no longer in the team. GLSA Vote: No.
Age -> GLSA Vote: No.
Thanks, folks. Closing noglsa with two No votes.