=====================================================================
                                    CERT-Renater

                         Information Note No. 2008/VULN272
_____________________________________________________________________

DATE                      : 04/07/2008

HARDWARE PLATFORM(S)      : /

OPERATING SYSTEM(S)       : Systems running Opera versions prior to 9.51.

======================================================================
http://www.opera.com/support/search/view/887/
______________________________________________________________________

Advisory: canvas functions can reveal data from random places in memory

Severity
Moderately severe


Problem description

There is a flaw in the way that certain canvas functions are handled
that can cause the canvas to be painted with very small amounts of data
constructed from random memory. The resulting canvas image can be read
and analyzed by JavaScript, so an attacker can get random samples of the
user's memory, which may contain sensitive data.


Opera's response

Opera Software has released Opera 9.51, where this issue has been fixed.


Credits

Thanks to Philip Taylor for reporting this issue to Opera Software.

======================================================================

           =========================================================
           CERT-Renater reference servers
           http://www.urec.fr/securite
           http://www.cru.fr/securite
           http://www.renater.fr
           =========================================================
           + CERT-RENATER          | tel : 01-53-94-20-44          +
           + 151 bd de l'Hopital   | fax : 01-53-94-20-41          +
           + 75013 Paris           | email: certsvp@renater.fr     +
           =========================================================
