Reported February 4, 2003, by Grey Magic Security Research.
VERSIONS AFFECTED
-
Opera Web Browser 7.0 and earlier
DESCRIPTION
Opera Software's Opera Web Browser 7.0 and earlier contains five newly discovered vulnerabilities. Three of these vulnerabilities can permit full read access to the user's file system and allow an intruder to list contents of directories, read files, and access email messages on the vulnerable system. The other two vulnerabilities expose sensitive private information about the user by permitting Web access to URLs that the user has recently visited. For specific details about these vulnerabilities, go to the discoverer's Web site.
VENDOR RESPONSE
Opera Software has released Opera Web Browser 7.01, which isn't vulnerable to these conditions.
CREDIT
Discovered by Grey Magic Security Research.