Security flaws in Opera Software's Web browser could put the privacy of Opera users at risk, an Israeli Web application company warned Tuesday. The company, GreyMagic Software of Jerusalem, known for its disclosure of security bugs in Microsoft's Internet Explorer browser, detailed what it says are five new vulnerabilities in Opera 7 for Windows, the Web browser software launched a week ago by Opera of Oslo.
Three of the vulnerabilities allow an attacker to browse a victim's hard drive and read any file using a file browser complete with a folder tree and file viewer, GreyMagic said in a statement. The company said the flaws lie in the way Opera handles Javascript and image files and considers the vulnerabilities "critical." The two other flaws are "severe breaches of privacy" as they can disclose part of the user's browsing history to a malicious Web site operator, GreyMagic said.
Opera was informed by GreyMagic on Friday and plans to release a new version of its browser soon to address the issues, Live Leer, an Opera spokesperson said. "We have been working on the issues since Friday and we will release a new version either tonight or tomorrow. We want to rectify the issues as soon as possible," she said. The flaws are apparently easy to exploit.
View: Article @ Pcworld.com
-1 Comments - Add comment