Reported February 4, 2003, by Grey Magic Security Research.

 

 

VERSIONS AFFECTED

 

  • Opera Web Browser 7.0 and earlier

 

DESCRIPTION

 

Opera Software's Opera Web Browser 7.0 and earlier contains five newly discovered vulnerabilities. Three of these vulnerabilities can permit full read access to the user's file system and allow an intruder to list contents of directories, read files, and access email messages on the vulnerable system. The other two vulnerabilities expose sensitive private information about the user by permitting Web access to URLs that the user has recently visited. For specific details about these vulnerabilities, go to the discoverer's Web site.

 

VENDOR RESPONSE

 

Opera Software has released Opera Web Browser 7.01, which isn't vulnerable to these conditions.

 

CREDIT

 

Discovered by Grey Magic Security Research.