=====================================================================
                                   CERT-Renater

                        Note d'Information No. 2010/VULN223
_____________________________________________________________________

DATE                      : 21/06/2010

HARDWARE PLATFORM(S)      : /

OPERATING SYSTEM(S)       : Systems running Opera versions prior to 10.54.

======================================================================
http://www.opera.com/support/kb/view/954/
______________________________________________________________________

Advisory: Opera may be used as a vector for a font issue in the underlying
operating system



Affected versions

This vulnerability may be targeted through Opera for Windows.


Severity

Extremely Severe


Description

A flaw in the font handling on the Windows operating system has been fixed by
Microsoft. On unpatched systems, Web fonts may be used to exploit this issue
through Opera.


Opera's response

For complete protection, users should apply the patch provided by Microsoft.
Opera Software has also released Opera 10.54, which prevents Opera from being
used to exploit this issue on unpatched systems.


Credits

Thanks to Microsoft's security team for reporting this issue to Opera Software.


======================================================================

          =========================================================
          Les serveurs de référence du CERT-Renater
          http://www.urec.fr/securite
          http://www.cru.fr/securite
          http://www.renater.fr
          =========================================================
          + CERT-RENATER          | tel : 01-53-94-20-44          +
          + 151 bd de l'Hopital   | fax : 01-53-94-20-41          +
          + 75013 Paris           | email: certsvp@renater.fr     +
          =========================================================