Get our new Windows 7 eBook (PDF) for $7 with 70+ Tips. Download Now!

Opera System Information Disclosure Weakness

Friday, November 26th, 2004
by Marc Erickson

No Related Post

CRITICAL:
Not critical

IMPACT:
Exposure of system information

WHERE:
From remote

SOFTWARE:
Opera 7.x

DESCRIPTION:
Marc Schoenefeld has reported a weakness in Opera, which can be
exploited by malicious people to disclose some system information.

Opera accesses the JRE (Java Runtime Environment) directly instead of
using the Java plugin. The problem is that the “accessClassInPackage”
permission is improperly given to the “sun.*” packages, which can be
exploited by a malicious untrusted applet to gain knowledge of the
full path to the currently logged in user’s username and installation
directory.

Successful exploitation requires that Sun Java is installed and that
the permission “accessClassInPackage sun.*” is given in
“Opera.policy” (default).

The weakness has been reported in version 7.54. Other versions may
also be affected.

SOLUTION:
The weakness has been fixed in the beta version of 7.60 and will be
included in the upcoming 7.60 version.

Tags

Categories

Technology

What Do You Think?

Posted Recently

Shifting Blame Is Socially Contagious

Sustainable Food Production Isn’t So Sustainable

Developing ‘Green’ Tires That Boost Mileage And Cut Carbon Dioxide Emissions

Researchers Create ‘Fly Paper’ To Capture Circulating Cancer Cells

UCLA Study Shows Brain’s Ability To Reorganize

New Research Helps Explain Why Bird Flu Has Not Caused A Pandemic

Better Way To Harness Waste Heat

Five Exercises Can Reduce Neck, Shoulder Pain Of Women Office Workers

UT’s Kraken Named World’s Third Fastest Computer, ORNL’s Jaguar Is #1

Tiny Bubbles Clean Oil From Water

Warmer Means Windier On World’s Biggest Lake

Researchers Find Potential Treatment For Huntington’s Disease

Transcendental Meditation Helped Heart Disease Patients Lower Cardiac Disease Risks By 50%

Record Highs Far Outpace Record Lows Across US

Mystery Contemplated By Charles Darwin Solved

Study Offers Tips On Taming The Boogie Monster

Sponges Recycle Carbon To Give Life To Coral Reefs

Pushing Light Beyond Its Known Limits

Researchers Turn Algae Into High-Temperature Hydrogen Source

To Make Memories, New Neurons Must Erase Older Ones

Faulty Body Clock May Make Kids Bipolar

Energy-Saving Powder

Drug Industry, Nonprofits Join Forces To Fight World’s Neglected Diseases

Ice Cream Researchers Making Sweet Strides With ‘Functional Foods’

Remains Of Minoan-Style Painting Discovered During Excavations Of Canaanite Palace

Improvements Proposed For Electronic Voting By Internet

Rutgers Computer Scientists Work To Strengthen Online Security

Yoga Boosts Heart Health

Darwin Meets Facebook

Researchers Find New Way To Spot Fraud

1930s Drug Slows Tumor Growth

Past Climate Of Antarctica Informs Global Warming Debate

58% Of U.S. Doctors Report Patients Have Difficulty Paying

Atlanta’s Fernbank Museum Tracks Infamous Conquistador Through Southeast

Oral Contraceptives May Benefit Women With Asthma

New Evidence Supports 19th Century Idea On Formation Of Oil And Gas

Internet Search Process Affects Cognition, Emotion

Quantum Gas Microscope Offers Glimpse Of Quirky Ultracold Atoms

‘The Eyes Have It’ For ID Verification

Research Leads To Improved Human, Object Detection Technology

35 queries / 0.526 seconds.