CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
EPSS
Percentile
95.3%
Opera Software ASA reports about multiple security
fixes:
Fixed an issue where plug-ins could be used to allow
cross domain scripting, as reported by David
Bloom. Details will be disclosed at a later date.
Fixed an issue with TLS certificates that could be
used to execute arbitrary code, as reported by Alexander
Klink (Cynops GmbH). Details will be disclosed at a
later date.
Rich text editing can no longer be used to allow cross
domain scripting, as reported by David Bloom. See our
advisory.
Prevented bitmaps from revealing random data from
memory, as reported by Gynvael Coldwind. Details will be
disclosed at a later date.