CVE-2008-4696 Information

Description

Cross-site scripting (XSS) vulnerability in Opera.dll in Opera before 9.61 allows remote attackers to inject arbitrary web script or HTML via the anchor identifier (aka the \optional fragment) which is not properly escaped before storage in the History Search database (aka md.dat).

Reference

http://lists.opensuse.org/opensuse-security-announce/2008-10/msg00009.html http://secunia.com/advisories/32299 http://secunia.com/advisories/32394 http://secunia.com/advisories/32538 http://security.gentoo.org/glsa/glsa-200811-01.xml http://securityreason.com/securityalert/4504 http://www.openwall.com/lists/oss-security/2008/10/21/6 http://www.openwall.com/lists/oss-security/2008/10/22/5 http://www.opera.com/docs/changelogs/freebsd/961/ http://www.opera.com/docs/changelogs/linux/961/ http://www.opera.com/docs/changelogs/mac/961/ http://www.opera.com/docs/changelogs/solaris/961/ http://www.opera.com/docs/changelogs/windows/961/ http://www.opera.com/support/search/view/903/ http://www.security-assessment.com/files/advisories/2008-10-22_Opera_Stored_Cross_Site_Scripting.pdf http://www.securityfocus.com/archive/1/497646/100/0/threaded http://www.securityfocus.com/bid/31869 http://www.vupen.com/english/advisories/2008/2873 https://exchange.xforce.ibmcloud.com/vulnerabilities/46003 https://www.exploit-db.com/exploits/6801