Another cross-site hole in Opera
opera:historysearch can be exploited for other malicious activities in the local database and whether the flaw gives potential attackers access to other files or data.
Browser security specialist Aviv Raff now claims to have found a way of starting arbitrary locally stored files. To do this, Raff uses Opera's execution of external mail applications and changes the applications to local ones. To infect a computer a web page could, for example, first make Opera download malware via FTP and then prompt the browser to execute it.
According to a report by ZDNet.com, a second and functional exploit has already been circulated for the current version of Opera. There is no update to fix this vulnerability. Whether Opera has already been informed about the problem is unknown. Users are advised to switch to a different browser until an update becomes available.
- Opera Stored Cross Site Scripting, Beschreibung von Aviv Raff