LWN.net Logo

opera: integer overflow and SSL spoof

Package(s):opera CVE #(s):CVE-2006-3198 CVE-2006-3331
Created:July 3, 2006 Updated:July 5, 2006
Description: Opera before version 9.0 has an integer overflow vulnerability due to the improper handling of JPEG files. Also Opera did not reset the SSL security bar after displaying a download dialog from an SSL-enabled website, which could allow remote attackers to spoof a trusted SSL certificate from an untrusted website and facilitate phishing attacks.
Alerts:
SuSE SUSE-SA:2006:038 2006-07-03

(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds