Two vulnerabilities have been reported in Opera, which can can be exploited by malicious people to disclose potentially sensitive information or to manipulate certain data.
1) An error exists in the TLS protocol while handling session re-negotiations. This can be exploited to insert arbitrary plaintext before data sent by a legitimate client in an existing TLS session via Man-in-the-Middle (MitM) attacks.
2) An error in the handling of widget properties can result in widget information or configuration options for the widget leaking to third party domains.
Do you have additional information related to this advisory?
Please provide information about patches, mitigating factors, new versions, exploits, faulty patches, links, and other relevant data by posting comments to this Advisory. You can also send this
information to email@example.com