post #1 of 1
Thread Starter 
A new update to beef up the security of Opera Software's desktop browser has now been made available. Opera 9.63 comes to fix:

- Manipulating text input contents can allow execution of arbitrary code, as reported by Red XIII.
- HTML parsing flaw can cause Opera to execute arbitrary code, as reported by Alexios Fakos.
- Long hostnames in file: URLs can cause execution of arbitrary code, as reported by Vitaly McLain.
- Script injection in feed preview can reveal contents of unrelated news feeds, as reported by David Bloom.
- Built-in XSLT templates can allow cross-site scripting, as reported by Robert Swiecki of the Google Security Team.
- Fixed an issue that could reveal random data, as reported by Matthew of Hispasec Sistemas.
- SVG images embedded using < img > tags can no longer execute Java or plugin content, suggested by Chris Evans.

The devs recommend the update to version 9.63 so be sure to visit this page and get the new release which is available for Windows, Linux and Mac OS X.


http://www.tcmagazine.com/comments.php?id=23474&catid=3