4 Security Holes Addressed with the Release of Opera 12.13

Users are advised to update their web browsers as soon as possible

  Opera 12.13 released
Opera 12.13 has been released and users are advised to update their installations as soon as possible because this variant addresses four security issues that could be leveraged by cybercriminals.

Opera 12.13 has been released and users are advised to update their installations as soon as possible because this variant addresses four security issues that could be leveraged by cybercriminals.

Arthur Gerkis has identified a DOM events manipulation issue that can be exploited to cause the web browser to crash. In some scenarios, the crashes can be leveraged to execute arbitrary code.

An anonymous expert has notified Opera via the iSIGHT Partners GVP Program of a problem where the use of SVG clipPaths could allow the execution of malicious code.

“When SVG documents with specifically prepared clipPaths are used in Opera, Opera may allow other content to overwrite the memory, before referencing the memory, which will lead to a crash. If an attacker can control the contents being written into memory, execution of arbitrary code may occur,” the advisory reads.

A couple of low-severity vulnerabilities have also been addressed, one of them referring to the fact that Cross-Origin Resource Sharing (CORS) requests can omit the preflight requests.

Opera for Windows is available for download here
Opera for Mac is available for download here
Opera for Linux is available for download here

Comments