VULHUB ™

It has been reported that Opera is vulnerable to a directory traversal issue that may allow an attacker to access sensitive information. The problem presents itself due to insufficient sanitization of user-supplied data through the 'Opera:' URI handler. The issue may allow an attacker to traverse outside a directory by using '..%5c' or '..%2f' character sequences. Successful exploitation of this vulnerability may allow a remote attacker to gain access to sensitive information that may be used to launch further attacks against a vulnerable system. Opera Web Browser versions 7.22 and prior are reported to be prone to this issue. It has been reported that this issue may be exploited with another issue described in BID 9019 to drop files onto a client system in a predictable location and cause these files to be executed.

It has been reported that Opera is vulnerable to a directory traversal issue that may allow an attacker to access sensitive information. The problem presents itself due to insufficient sanitization of user-supplied data through the 'Opera:' URI handler. The issue may allow an attacker to traverse outside a directory by using '..%5c' or '..%2f' character sequences. Successful exploitation of this vulnerability may allow a remote attacker to gain access to sensitive information that may be used to launch further attacks against a vulnerable system. Opera Web Browser versions 7.22 and prior are reported to be prone to this issue. It has been reported that this issue may be exploited with another issue described in BID 9019 to drop files onto a client system in a predictable location and cause these files to be executed.