GreyMagic Opera Security Research
-
GM#009-OP: Opera Local File/Directory Detection.
Vulnerability: Opera discloses whether local resources exist.
Date: 17-Aug-2004.
Status: Patched in Opera 7.54. -
GM#008-OP: Location, Location, Location.
Vulnerability: Opera fails to block write access to location object.
Date: 05-Aug-2004.
Status: Patched in Opera 7.54. -
GM#007-OP: Phishing for Opera.
Vulnerability: Opera may be fooled to display a fake address.
Date: 03-Jun-2004.
Status: Patched in Opera 7.51. -
GM#006-OP: Sniffing Opera's Tracks.
Vulnerability: Opera permits indirect access to a list of URLs visited by the user in the current session.
Date: 04-Feb-2003.
Status: Patched in Opera 7.01. -
GM#005-OP: Opera: What's Next.
Vulnerability: Opera exposes the last and next URLs in the browser's history.
Date: 04-Feb-2003.
Status: Patched in Opera 7.01. -
GM#004-OP: Opera Images.
Vulnerability: Opera fails to format input strings correctly when viewing single local images.
Date: 04-Feb-2003.
Status: Patched in Opera 7.01. -
GM#003-OP: Phantom of the Opera.
Vulnerability: Opera fails to format input strings correctly in its Javascript console.
Date: 04-Feb-2003.
Status: Patched in Opera 7.01. -
GM#002-OP: Opera's Security Model is Highly Vulnerable.
Vulnerability: Opera implements an incorrect caller-based model and allows external overriding of methods.
Date: 04-Feb-2003.
Status: Patched in Opera 7.01. -
GM#001-OP: Reading ANY local file in Opera.
Vulnerability: Opera's file element's security model can be circumvented.
Date: 27-May-2002.
Status: Patched in Opera 6.03.