• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Multiple Browser URI Obfuscation Weakness

Solution:
Opera version 7.52 and 7.53 are not vulnerable to this issue.

Gentoo has released an advisory (GLSA 200407-15) to address this and other issues in Opera. Please see the referenced advisory for more information. Gentoo users may carry out the following commands to upgrade their computers:

emerge sync
emerge -pv ">=net-www/opera-7.53"
emerge ">=net-www/opera-7.53"

Gentoo has released a second advisory GLSA 200408-05 dealing with this issue. All Opera users should upgrade to the latest stable version:

# emerge sync

# emerge -pv ">=net-www/opera-7.54"
# emerge ">=net-www/opera-7.54"

Please see the referenced Gentoo advisory for more information.

Microsoft has released a cumulative update for Internet Explorer to address this and other vulnerabilities. Updates for Internet Explorer on Microsoft Windows 98/98SE/ME may be obtained through Windows Update.

Nortel Networks has released security advisory 2005005511-2 acknowledging this issue. Please the referenced advisory for further information.


Microsoft Internet Explorer 6.0 SP1

• Microsoft Cumulative Security Update for Internet Explorer 6 Service Pack 1 for Windows XP/2000 (KB867282)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=E473CD05-3320 -4322-B437-F3A61E62F567


• Microsoft Cumulative Security Update for Internet Explorer 6 SP1 64-bit Edition (KB867282)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=7EAE62C0-3DA0 -4BAC-B2FE-ECE89959053D

Microsoft Internet Explorer 6.0 SP2 - do not use

• Microsoft Cumulative Security Update for Internet Explorer for XP Service Pack 2 (KB867282)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=82056EAB-8367 -4B04-A11A-1002D14EB55B

Microsoft Internet Explorer 6.0

• Microsoft Cumulative Security Update for Internet Explorer for Windows Server 2003 (KB867282)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=4DC0FE8A-9D03 -4AB8-8EAF-C85FF25CB1A2


• Microsoft Cumulative Security Update for Internet Explorer for Windows Server 2003 64-bit Edition (KB867282)
  http://www.microsoft.com/downloads/details.aspx?familyid=E3C4DA1F-6FA2 -4A2B-A6D9-24B599C353B3&displaylang=en

Microsoft Internet Explorer 5.0.1 SP4

• Microsoft Cumulative Security Update for Internet Explorer 5.01 for Windows 2000 Service Pack 4 (KB867282)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=4C2CBB4B-2F00 -4CD6-BB98-AD14A48B53C0

Microsoft Internet Explorer 5.0.1 SP3

• Microsoft Cumulative Security Update for Internet Explorer 5.01 for Windows 2000 Service Pack 3 (KB867282)
  http://www.microsoft.com/downloads/details.aspx?FamilyId=34F5BCDE-4EE2 -4EFD-BB60-F5A6BC5F56D1

Opera Software Opera Web Browser 7.51

• Opera Software Opera 7.53
  http://www.opera.com/download/