{"id":10101,"date":"2013-01-30T09:50:38","date_gmt":"2013-01-30T17:50:38","guid":{"rendered":"http:\/\/www.intego.com\/mac-security-blog\/?p=10101"},"modified":"2013-01-30T09:50:38","modified_gmt":"2013-01-30T17:50:38","slug":"opera-releases-browser-version-12-13-with-security-fixes-and-more","status":"publish","type":"post","link":"https:\/\/www.intego.com\/mac-security-blog\/opera-releases-browser-version-12-13-with-security-fixes-and-more\/","title":{"rendered":"Opera Releases Browser Version 12.13 with Security Fixes and More"},"content":{"rendered":"<p>Opera released its first web browser <a href=\"http:\/\/www.opera.com\/docs\/changelogs\/unified\/1213\/\" target=\"_blank\">upgrade<\/a> of the year to version 12.13 for Mac OS X and other operating systems, fixing bugs mostly related to arbitrary code execution. The recommended upgrade offers security fixes and stability enhancements, along with general and User Interface (UI) fixes:<\/p>\n<ul>\n<li>Fixed an issue where Opera gets internal communication errors on Facebook<\/li>\n<li>Fixed an issue where no webpages load on startup if Opera is disconnected from the Internet<\/li>\n<li>Fixed an issue where images will not load after back navigation, when a site uses the HTML5 history API (e.g., deviantart.com)<\/li>\n<\/ul>\n<p><img loading=\"lazy\" class=\"aligncenter\" title=\"Opera-Security-Update-Tile\" src=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2013\/01\/Opera-Security-Update-Tile.png\" alt=\"Opera browser security updates\" width=\"400\" height=\"260\" \/><\/p>\n<p>In addition to a number of general and UI issues fixed in this software upgrade, Opera Software resolved two high-severity issues and one low-severity issue. Details of the three security issues are as follows:<\/p>\n<p>An issue where DOM events manipulation might be used to execute arbitrary code:<\/p>\n<blockquote><p>Particular DOM event manipulations can cause Opera to crash. In some cases, this crash might occur in a way that allows execution of arbitrary code. To inject code, additional techniques would have to be employed.<\/p><\/blockquote>\n<p>Issues where use of SVG clipPaths can allow execution of arbitrary code:<\/p>\n<blockquote><p>When SVG documents with specifically prepared clipPaths are used in Opera, Opera may allow other content to overwrite the memory, before referencing the memory, which will lead to a crash. If an attacker can control the contents being written into memory, execution of arbitrary code may occur.<\/p><\/blockquote>\n<p>A problem where CORS requests can omit the preflight request:<\/p>\n<blockquote><p>Cross-Origin Resource Sharing (CORS) requests are required to send a preflight request if custom headers are included, to check that the host wishes to allow the full request to be made. An example of where this may be needed is for sites that use a custom header with a static value as part of their protection against Cross Site Request Forgery (XSRF) attacks.<\/p>\n<p>In some specific cases, Opera may forget to make the preflight request. This means that any site that uses a custom XMLHttpRequest header as their only protection against XSRF, can have that protection compromised by a specific type of CORS request in Opera. An attacking site could provide that same static header value, and bypass the preflight request, allowing it to submit the request to the target site without permission. In such cases, the HTTP Referer header is sent correctly, which may be used by the target site to detect the attack.<\/p><\/blockquote>\n<p>Due to the issue where CORS requests can omit the preflight requests, Opera Software strongly encourages website authors to use more reliable XSRF protection techniques, &#8220;such as sending a secret token in the form of data for any HTTP requests (including XMLHttpRequests) that will initiate sensitive actions,&#8221; the company said. &#8220;These secret tokens can then be validated by the server-side code before performing the action.&#8221;<\/p>\n<p>Users can update the software using the program\u2019s built-in updater (choose Opera &gt; Check for Updates), through its auto-updater (this can be turned on in Preferences &gt; Advanced &gt; Security), or from the <a href=\"http:\/\/www.opera.com\/\" target=\"_blank\">Opera website<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Opera released its first web browser upgrade of the year to version 12.13 for Mac OS X and other operating systems, fixing bugs mostly related to arbitrary code execution. The recommended upgrade offers security fixes and stability enhancements, along with general and User Interface (UI) fixes: Fixed an issue where Opera gets internal communication errors [&hellip;]<\/p>\n","protected":false},"author":4,"featured_media":9925,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"spay_email":"","jetpack_publicize_message":"","jetpack_is_tweetstorm":false},"categories":[13],"tags":[93,201],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v17.4 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<meta name=\"description\" content=\"Opera released its first web browser upgrade of the year to version 12.13 for Mac OS X and other operating systems, fixing bugs mostly related to\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.intego.com\/mac-security-blog\/opera-releases-browser-version-12-13-with-security-fixes-and-more\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Opera Releases Browser Version 12.13 with Security Fixes and More - The Mac Security Blog\" \/>\n<meta property=\"og:description\" content=\"Opera released its first web browser upgrade of the year to version 12.13 for Mac OS X and other operating systems, fixing bugs mostly related to\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.intego.com\/mac-security-blog\/opera-releases-browser-version-12-13-with-security-fixes-and-more\/\" \/>\n<meta property=\"og:site_name\" content=\"The Mac Security Blog\" \/>\n<meta property=\"article:published_time\" content=\"2013-01-30T17:50:38+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2013\/01\/Opera-Security-Update-Tile.png\" \/>\n\t<meta property=\"og:image:width\" content=\"400\" \/>\n\t<meta property=\"og:image:height\" content=\"260\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Derek Erwin\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#organization\",\"name\":\"Intego\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/\",\"sameAs\":[],\"logo\":{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#logo\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2022\/10\/intego-organization-logo-for-google-knowledge-graph-875x875-1.png\",\"contentUrl\":\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2022\/10\/intego-organization-logo-for-google-knowledge-graph-875x875-1.png\",\"width\":875,\"height\":875,\"caption\":\"Intego\"},\"image\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#logo\"}},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#website\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/\",\"name\":\"The Mac Security Blog\",\"description\":\"Keep Macs safe from the dangers of the Internet\",\"publisher\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.intego.com\/mac-security-blog\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/opera-releases-browser-version-12-13-with-security-fixes-and-more\/#primaryimage\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2013\/01\/Opera-Security-Update-Tile.png\",\"contentUrl\":\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2013\/01\/Opera-Security-Update-Tile.png\",\"width\":\"400\",\"height\":\"260\",\"caption\":\"Opera browser security updates\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/opera-releases-browser-version-12-13-with-security-fixes-and-more\/#webpage\",\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/opera-releases-browser-version-12-13-with-security-fixes-and-more\/\",\"name\":\"Opera Releases Browser Version 12.13 with Security Fixes and More - The Mac Security Blog\",\"isPartOf\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/opera-releases-browser-version-12-13-with-security-fixes-and-more\/#primaryimage\"},\"datePublished\":\"2013-01-30T17:50:38+00:00\",\"dateModified\":\"2013-01-30T17:50:38+00:00\",\"description\":\"Opera released its first web browser upgrade of the year to version 12.13 for Mac OS X and other operating systems, fixing bugs mostly related to\",\"breadcrumb\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/opera-releases-browser-version-12-13-with-security-fixes-and-more\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.intego.com\/mac-security-blog\/opera-releases-browser-version-12-13-with-security-fixes-and-more\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/opera-releases-browser-version-12-13-with-security-fixes-and-more\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.intego.com\/mac-security-blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Opera Releases Browser Version 12.13 with Security Fixes and More\"}]},{\"@type\":\"Article\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/opera-releases-browser-version-12-13-with-security-fixes-and-more\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/opera-releases-browser-version-12-13-with-security-fixes-and-more\/#webpage\"},\"author\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#\/schema\/person\/d7586ee278e291223dbae05ec1d95812\"},\"headline\":\"Opera Releases Browser Version 12.13 with Security Fixes and More\",\"datePublished\":\"2013-01-30T17:50:38+00:00\",\"dateModified\":\"2013-01-30T17:50:38+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/opera-releases-browser-version-12-13-with-security-fixes-and-more\/#webpage\"},\"wordCount\":511,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/opera-releases-browser-version-12-13-with-security-fixes-and-more\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2013\/01\/Opera-Security-Update-Tile.png\",\"keywords\":[\"Opera\",\"Security Updates\"],\"articleSection\":[\"Security &amp; Privacy\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.intego.com\/mac-security-blog\/opera-releases-browser-version-12-13-with-security-fixes-and-more\/#respond\"]}]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#\/schema\/person\/d7586ee278e291223dbae05ec1d95812\",\"name\":\"Derek Erwin\",\"image\":{\"@type\":\"ImageObject\",\"@id\":\"https:\/\/www.intego.com\/mac-security-blog\/#personlogo\",\"inLanguage\":\"en-US\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/f88b4bb259f7d5b1d10884ffa4b3c126?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/f88b4bb259f7d5b1d10884ffa4b3c126?s=96&d=mm&r=g\",\"caption\":\"Derek Erwin\"},\"url\":\"https:\/\/www.intego.com\/mac-security-blog\/author\/derek-erwin\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"description":"Opera released its first web browser upgrade of the year to version 12.13 for Mac OS X and other operating systems, fixing bugs mostly related to","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.intego.com\/mac-security-blog\/opera-releases-browser-version-12-13-with-security-fixes-and-more\/","og_locale":"en_US","og_type":"article","og_title":"Opera Releases Browser Version 12.13 with Security Fixes and More - The Mac Security Blog","og_description":"Opera released its first web browser upgrade of the year to version 12.13 for Mac OS X and other operating systems, fixing bugs mostly related to","og_url":"https:\/\/www.intego.com\/mac-security-blog\/opera-releases-browser-version-12-13-with-security-fixes-and-more\/","og_site_name":"The Mac Security Blog","article_published_time":"2013-01-30T17:50:38+00:00","og_image":[{"width":"400","height":"260","url":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2013\/01\/Opera-Security-Update-Tile.png","type":"image\/png"}],"twitter_card":"summary_large_image","twitter_misc":{"Written by":"Derek Erwin","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Organization","@id":"https:\/\/www.intego.com\/mac-security-blog\/#organization","name":"Intego","url":"https:\/\/www.intego.com\/mac-security-blog\/","sameAs":[],"logo":{"@type":"ImageObject","@id":"https:\/\/www.intego.com\/mac-security-blog\/#logo","inLanguage":"en-US","url":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2022\/10\/intego-organization-logo-for-google-knowledge-graph-875x875-1.png","contentUrl":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2022\/10\/intego-organization-logo-for-google-knowledge-graph-875x875-1.png","width":875,"height":875,"caption":"Intego"},"image":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#logo"}},{"@type":"WebSite","@id":"https:\/\/www.intego.com\/mac-security-blog\/#website","url":"https:\/\/www.intego.com\/mac-security-blog\/","name":"The Mac Security Blog","description":"Keep Macs safe from the dangers of the Internet","publisher":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.intego.com\/mac-security-blog\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"ImageObject","@id":"https:\/\/www.intego.com\/mac-security-blog\/opera-releases-browser-version-12-13-with-security-fixes-and-more\/#primaryimage","inLanguage":"en-US","url":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2013\/01\/Opera-Security-Update-Tile.png","contentUrl":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2013\/01\/Opera-Security-Update-Tile.png","width":"400","height":"260","caption":"Opera browser security updates"},{"@type":"WebPage","@id":"https:\/\/www.intego.com\/mac-security-blog\/opera-releases-browser-version-12-13-with-security-fixes-and-more\/#webpage","url":"https:\/\/www.intego.com\/mac-security-blog\/opera-releases-browser-version-12-13-with-security-fixes-and-more\/","name":"Opera Releases Browser Version 12.13 with Security Fixes and More - The Mac Security Blog","isPartOf":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/opera-releases-browser-version-12-13-with-security-fixes-and-more\/#primaryimage"},"datePublished":"2013-01-30T17:50:38+00:00","dateModified":"2013-01-30T17:50:38+00:00","description":"Opera released its first web browser upgrade of the year to version 12.13 for Mac OS X and other operating systems, fixing bugs mostly related to","breadcrumb":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/opera-releases-browser-version-12-13-with-security-fixes-and-more\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.intego.com\/mac-security-blog\/opera-releases-browser-version-12-13-with-security-fixes-and-more\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.intego.com\/mac-security-blog\/opera-releases-browser-version-12-13-with-security-fixes-and-more\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.intego.com\/mac-security-blog\/"},{"@type":"ListItem","position":2,"name":"Opera Releases Browser Version 12.13 with Security Fixes and More"}]},{"@type":"Article","@id":"https:\/\/www.intego.com\/mac-security-blog\/opera-releases-browser-version-12-13-with-security-fixes-and-more\/#article","isPartOf":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/opera-releases-browser-version-12-13-with-security-fixes-and-more\/#webpage"},"author":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#\/schema\/person\/d7586ee278e291223dbae05ec1d95812"},"headline":"Opera Releases Browser Version 12.13 with Security Fixes and More","datePublished":"2013-01-30T17:50:38+00:00","dateModified":"2013-01-30T17:50:38+00:00","mainEntityOfPage":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/opera-releases-browser-version-12-13-with-security-fixes-and-more\/#webpage"},"wordCount":511,"commentCount":0,"publisher":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/#organization"},"image":{"@id":"https:\/\/www.intego.com\/mac-security-blog\/opera-releases-browser-version-12-13-with-security-fixes-and-more\/#primaryimage"},"thumbnailUrl":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2013\/01\/Opera-Security-Update-Tile.png","keywords":["Opera","Security Updates"],"articleSection":["Security &amp; Privacy"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.intego.com\/mac-security-blog\/opera-releases-browser-version-12-13-with-security-fixes-and-more\/#respond"]}]},{"@type":"Person","@id":"https:\/\/www.intego.com\/mac-security-blog\/#\/schema\/person\/d7586ee278e291223dbae05ec1d95812","name":"Derek Erwin","image":{"@type":"ImageObject","@id":"https:\/\/www.intego.com\/mac-security-blog\/#personlogo","inLanguage":"en-US","url":"https:\/\/secure.gravatar.com\/avatar\/f88b4bb259f7d5b1d10884ffa4b3c126?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/f88b4bb259f7d5b1d10884ffa4b3c126?s=96&d=mm&r=g","caption":"Derek Erwin"},"url":"https:\/\/www.intego.com\/mac-security-blog\/author\/derek-erwin\/"}]}},"jetpack_featured_media_url":"https:\/\/www.intego.com\/mac-security-blog\/wp-content\/uploads\/2013\/01\/Opera-Security-Update-Tile.png","jetpack_publicize_connections":[],"jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p4VAYd-2CV","amp_enabled":true,"_links":{"self":[{"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/posts\/10101"}],"collection":[{"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/comments?post=10101"}],"version-history":[{"count":13,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/posts\/10101\/revisions"}],"predecessor-version":[{"id":10141,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/posts\/10101\/revisions\/10141"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/media\/9925"}],"wp:attachment":[{"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/media?parent=10101"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/categories?post=10101"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/origin.intego.com\/mac-security-blog\/wp-json\/wp\/v2\/tags?post=10101"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}