HTTP: Opera 'opera:config' Security Bypass Vulnerability

This signature detects Web pages containing dangerous function calls. A malicious Web site can exploit a known vulnerability in the Opera Web Browser and gain control of the client browser by bypassing security restrictions in the browser settings.

Extended Description

Opera is prone to a security-bypass vulnerability because it fails to adequately restrict access through 'iframe' scripts. Attackers can leverage this issue to alter the browser's configuration settings and potentially execute arbitrary code. Versions prior to Opera 9.20 are vulnerable.

Affected Products

Opera_software opera_web_browser

References

BugTraq: 41927

URL: http://www.opera.com/

Short Name
HTTP:STC:OPERA:OPERA-CONFIG
Severity
Minor
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
'opera:config' Bypass Opera Security Vulnerability bid:41927
Release Date
08/20/2010
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3336
False Positive
Unknown
Vendors

Opera_software

Found a potential security threat?