=====================================================================
                                   CERT-Renater

                        Note d'Information No. 2010/VULN551
_____________________________________________________________________

DATE                      : 17/12/2010

HARDWARE PLATFORM(S)      : /

OPERATING SYSTEM(S)       : Systems running Opera version prior to 11.0.

======================================================================
http://www.opera.com/support/kb/view/977/
http://www.opera.com/support/kb/view/979/
______________________________________________________________________


Advisory: Web page content can display misleading security information

Severity
Moderate

Description

Dialogs such as the security information dialog and download dialog are
displayed over the top of the webpage content. In some cases, webpage
content will be incorrectly displayed on top of the dialogs, or over
parts of the dialogs. This content can then display misleading
security information, which may be used to convince a user to trust a
malicious download, or to to disclose sensitive information.

Opera's response

Opera Software has released Opera 11.00, where this issue has been fixed.
_____________________________________________________________________


Advisory: WAP form content can be leaked to other sites

Severity
Low

Description

When accepting user input in form fields on a WAP page, WML requires
that the input contents are remembered, and used to populate every
further input sharing the same name. This should continue as long as
the user continues to click links (known as a WAP session), even
populating similarly named inputs on other sites. WAP site authors
are expected to remove sensitive information from the browser context
by clearing the variables containing this information. Failure to
clear this information could lead to the sensitive information being
leaked to other sites that are linked to.

When the user creates a new WAP session by manually entering a new
URL to visit, any existing variables are supposed to be cleared.
Opera failed to clear the variables in this case, allowing sensitive
information to be leaked to unrelated sites even if the user manually
navigated to those sites, not just when accessed through links.

Opera's response

Opera Software has released Opera 11.00, where this issue has been
fixed. WML still requires WAP site authors to clear any variables
containing sensitive information, to avoid that information being
leaked to sites that are accessed through links. Authors are encouraged
to use HTML and HTTP in place of WML and WAP.

======================================================================

          =========================================================
          Les serveurs de référence du CERT-Renater
          http://www.urec.fr/securite
          http://www.cru.fr/securite
          http://www.renater.fr
          =========================================================
          + CERT-RENATER          | tel : 01-53-94-20-44          +
          + 23 - 25 Rue Daviel    | fax : 01-53-94-20-41          +
          + 75013 Paris           | email: certsvp@renater.fr     +
          =========================================================