Opera Software ha reso disponibile una nuova release del suo browser contenente alcune fix finalizzate ad un'incremento della sicurezza. Seguono le informazioni ufficiali:
- Named frames or windows can be hi-jacked by malicious frames or windows.
- Periods in the file name and non-breaking spaces in the Content-Type header can make the save/open dialog misleading. A user may be convinced that an executable file is something else, for example a PDF document.
- Applets have access to sun.* packages
- Liveconnect: com.opera.EcmascriptObject constructor is accessible to Java
- Liveconnect reveals the path to the user's home directory. This can make other vulnerabilities easier to exploit.
Questa versione del software supporta i Sistemi Operativi Microsoft Windows 98/ME/2000/XP e non include la JVW per l'esecuzione dei processi scritti in Java
Collegamenti
tag: opera | security | update | web | web browser
|