• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Opera Web Browser 9.62 History Search Input Validation Vulnerability

Opera Web Browser is prone to an input-validation vulnerability because of the way it stores data used for the History Search feature.

Attacker-supplied HTML and script code would run in the context of the affected site, potentially allowing the attacker to steal cookie-based authentication credentials, control how the site is rendered to the user, obtain sensitive information, alter the browser's configuration settings, or execute local programs in the context of the browser; other attacks are also possible.

Opera Web Browser 9.62 is vulnerable.

NOTE: This issue is related to BID 31992 (Opera Web Browser History Search and Links Panel Cross Site Scripting Vulnerabilities) and BID 31869 (Opera Web Browser History Search Input Validation Vulnerability), and may be caused by an incomplete fix for those issues.