Report from Vupen Security
Vulpen Security:
A vulnerability has been identified in Opera, which could be exploited by remote attackers to compromise a vulnerable system. This issue is caused by a buffer overflow error when processing malformed HTTP "Content-Length:" headers, which could be exploited by remote attackers to crash an affected browser or execute arbitrary code by tricking a user into visiting a web page hosted on a malicious web server.
Opera says bug probably can't commandeer machines
http://www.theregister.co.uk/2010/03/05 ... erability/
Official Opera spokesman, Thomas Ford:
"We believe that the bug primarily causes a crash, and that exploiting the vulnerability to execute code is extremely difficult, if not impossible" spokesman Thomas Ford
Ford also said Opera is in the process of pushing out an update that patches the bughttp://www.theregister.co.uk/2010/03/05 ... erability/
To not be exposed to any danger Opera users should turn off Data Execution Prevention (DEP)
Posts
No comments:
Post a Comment