Marc Schoenefeld has reported a weakness in Opera, which can be exploited by malicious people to disclose some system information. Opera accesses the JRE (Java Runtime Environment) directly instead of using the Java plugin. The problem is that the "accessClassInPackage" permission is improperly given to the "sun.*" packages, which can be exploited by a malicious untrusted applet to gain knowledge of the full path to the currently logged in user's username and installation directory.
Solution:
News source: Secunia
Solution:
- The weakness has been fixed in the beta version of 7.60 and will be included in the upcoming 7.60 version.
News source: Secunia
Commenting has either been disabled on this article or you are not logged in. Click here to login or register, its free!
Note: Anonymous commenting is disabled in order to keep the quality of responses to a high standard.