Opera Multiple Vulnerabilities

Secunia ID	SA27277
CVE-ID	CVE-2007-5476, CVE-2007-5540, CVE-2007-5541
Release Date	17 Oct 2007
Last Change	18 Oct 2007
Solution Status	Vendor Patch
Software	Opera 5.x Opera 6.x Opera 7.x Opera 8.x Opera 9.x
Where	From remote "From remote" describes other vulnerabilities where the attack vector doesn't require access to the system or a local network. This category covers services that are acceptable to expose to the Internet (e.g. HTTP, HTTPS, SMTP). It also covers client applications used on the Internet and certain vulnerabilities where it is reasonable to assume that a security conscious user can be tricked into performing certain actions.
Impact	System access This covers vulnerabilities where malicious people are able to gain system access and execute arbitrary code with the privileges of a local user. Cross-Site Scripting Cross-Site Scripting vulnerabilities allow a third party to manipulate the content or behaviour of a web application in a user's browser, without compromising the underlying system. Different Cross-Site Scripting related vulnerabilities are also classified under this category, including "script insertion" and "cross-site request forgery". Cross-Site Scripting vulnerabilities are often used against specific users of a website to steal their credentials or to conduct spoofing attacks. Unknown Covers various weaknesses, security issues, and vulnerabilities not covered by the other impact types, or where the impact isn't known due to insufficient information from vendors and researchers.
Description	Some vulnerabilities have been reported in Opera, where one vulnerability has an unknown impact and others can be exploited by malicious people to conduct cross-site scripting attacks and to compromise a user's system. 1) Opera may launch external email or newsgroup clients incorrectly. This can be exploited to execute arbitrary commands by e.g. visiting a malicious website. Successful exploitation requires that the user has configured an external email or newsgroup client. 2) An error when processing frames from different websites can be exploited to bypass the same-origin policy. This allows to overwrite functions of those frames and to execute arbitrary HTML and script code in a user's browser session in context of other sites. 3) An unspecified error exists in Opera in combination with Adobe Flash Player 9.0.47.0 and earlier on Mac OS X. No further information is currently available. The vulnerabilities are reported in all versions of Opera for Desktop prior to version 9.24.
Solution	Update to version 9.24. http://www.opera.com/download/
Reported by	1) Michael A. Puls II 2) David Bloom 3) Reported by the vendor.
Original Advisory	1) http://www.opera.com/support/search/view/866/ 2) http://www.opera.com/support/search/view/867/ 3) http://www.opera.com/support/search/view/868/