Articles récents

Catégories

mai 2014

[Opera Security Advisory DNA-19280] Address bar spoofing with Data URIs

Advisory: Address bar spoofing with Data URIs UPDATE Link: http://www.opera.com/blogs/security/2014/05/security-changes-opera-21/ Announced: May 6, 2014 Reporter: Security researcher Jordi Chancel Impact: Low Products: Opera Fixed in: Opera 21 Description When a user chooses to open a link in a new tab, this should still display the address as normal. However, with Data URIs, Opera would accidentally right-align the address field, showing the wrong end of the address. Again, this could allow

[Opera Security Advisory DNA-18354] Address bar spoofing with downloads

Advisory: Address bar spoofing with downloads UPDATE Link: http://www.opera.com/blogs/security/2014/05/security-changes-opera-21/ Announced: May 6, 2014 Reporter: Security researcher Jordi Chancel Impact: Low Products: Opera Fixed in: Opera 21 Description This unrelated bug only occurred when the user dragged and dropped a URL into the address bar, which started a download. The address bar would then be right aligned, showing the wrong end of the address. This could allow a specially crafted URL