Opera fixes browser flaws

Several security holes, including ones that could be used in spoofing attacks, are plugged in browser update, company says.

Joris Evers Staff Writer, CNET News.com

Joris Evers covers security.

See full bio

Joris Evers

June 17, 2005 1:57 p.m. PT

Opera Software has updated its Web browser software to fix a handful of security flaws, including some that could be used by phishers and other attackers to spoof Web sites.

The Opera 8.01 update comes two months after the Norwegian software company released Opera 8, touting ease of use and tighter security.

Five security problems are resolved with the update, Opera said on its Web site. The most serious issues are rated "moderately critical" by security monitoring company Secunia, which also takes credit for discovering some of the issues.

The fixed flaws include an XMLHttpRequest redirect vulnerability and two cross-site scripting bugs, all of which could let an attacker access a victim's files or fake a trusted Web site, according to Secunia.

In addition to plugging security holes, Opera has fixed other issues in the browser, the company said. For example, the accuracy of the security bar has been improved, and the security icon behavior has been changed, Opera said.

Opera is a small player in the browser space and faces competition from Microsoft's Internet Explorer as well as the Mozilla Foundation's Firefox, which has gained nearly 7 percent of the U.S. market as of late April. Opera offers a free, ad-supported browser and a paid version without banner ads.