Released on the 12th but better late than never…. Opera 7.54u1
Advisory: Opera security advisory 2004-12-10
Platform: All platforms
Opera security advisory
- Named frames or windows can be hi-jacked by malicious frames or windows.
- Periods in the file name and non-breaking spaces in the Content-Type header can make the save/open dialog misleading. A user may be convinced that an executable file is something else, for example a PDF document.
- Applets have access to sun.* packages
- Liveconnect: com.opera.EcmascriptObject constructor is accessible to Java
- Liveconnect reveals the path to the user’s home directory. This can make other vulnerabilities easier to exploit.
Severity: Moderate/highVulnerable versions of Opera
- 7.54 and earlier
Go get it!