Thanks to Rapier for posting in our Back Page News, Opera has made available the fix for the desktop version Opera 7.54 for all OSes in response to the following security advisories, some of which are by Secunia research:
Severity: Moderate/High
Opera has tightened origin check for frames and in addition to those fixes, improved support for the "must-revalidate" cache directive.
Download: Opera 7.54u1 for Opera 7.54 Windows with Java | Without Java
View: Downloads for other Operating Systems
- Named frames or windows can be hi-jacked by malicious frames or windows.
- Periods in the file name and non-breaking spaces in the Content-Type header can make the save/open dialog misleading. A user may be convinced that an executable file is something else, for example a PDF document.
- Applets have access to sun.* packages
- Liveconnect: com.opera.EcmascriptObject constructor is accessible to Java
- Liveconnect reveals the path to the user's home directory. This can make other vulnerabilities easier to exploit.
Severity: Moderate/High
Opera has tightened origin check for frames and in addition to those fixes, improved support for the "must-revalidate" cache directive.
Download: Opera 7.54u1 for Opera 7.54 Windows with Java | Without Java View: Downloads for other Operating Systems
Commenting has either been disabled on this article or you are not logged in. Click here to login or register, its free!
Note: Anonymous commenting is disabled in order to keep the quality of responses to a high standard.