Opera fixes security flaw
By secgeeks - Posted on August 15th, 2007
Tagged:
143
vote
Opera Software has updated its browser to fix a “highly critical” flaw attackers could exploit to run malicious code on targeted machines. Like Firefox, many use Opera as an alternative to Microsoft’s Internet Explorer browser, which has suffered countless attacks over the years.
According to the Opera security advisory, “A virtual function call on an invalid pointer that may reference
data crafted by the attacker can be used to execute arbitrary code.” Danish vulnerability clearinghouse Secunia put it this way in its SA26477 advisory: “The vulnerability is caused due to an unspecified error when processing JavaScript code and can result in a virtual function call using an invalid pointer. This can be exploited to execute arbitrary code by tricking a user into visiting a malicious Web site.”
The flaw has been fixed in Opera 9.23.
In its advisory, Opera tips it hat to Mozilla.org for providing their JavaScript fuzzer during the mitigation process.
Bookmark/Search this post with:
Trackback URL for this post:
http://secgeeks.com/trackback/912
Recent comments
30 weeks 5 days ago
33 weeks 2 days ago
1 year 1 week ago
1 year 2 weeks ago
1 year 2 weeks ago
1 year 18 weeks ago
1 year 34 weeks ago
2 years 25 weeks ago
2 years 26 weeks ago
2 years 28 weeks ago