The Register®

Original URL: http://www.theregister.co.uk/2001/11/20/a_fright_at_the_opera/

A fright at the Opera

It ain't over 'til the fat lady pings

By John Leyden

Posted in Security, 20th November 2001 16:18 GMT

JavaScript vulnerabilities in Opera could allow hackers to access users' cookies and other potentially sensitive files.

Veteran bug hunter Georgi Guninski has discovered that versions of the Web browser on both Windows and Linux allow the execution of script code across domains.

This means it's possible for a hacker to set up malicious script code on a Web page which, when executed by Opera, allows access to the cookie-based authentication credentials of another Web site, Guninski warns (http://www.securityfocus.com/archive/1/240468). Cookies can contain sensitive information, such as usernames/passwords.

The vulnerabilities (which are believed to affect Opera 5.02, 5.10, 5.11 and 5.12 for Windows as well as Opera 5.0 for Linux) may also expose a browser's cache and history files.

Jon von Tetzchner, chief executive of Opera, told us that testing and development of a patch to fix the problem are under way, and a solution should be available by the end of the month. He also points out that Internet Explorer and Netscape browsers have been affected by similar cross-site scripting flaws in the past.

In the meantime Opera advises users to consider disabling JavaScript execution and enabling the "use cookies to trace password protected documents" option, which addresses the most troubling aspect of the problem. ®

External Links

Opera Cross-Site Scripting Vulnerability (from BugTraq) (http://www.securityfocus.com/bid/3553)
Guninski's advisory (http://www.securityfocus.com/archive/1/240468)