Opeara 10.50...Fast...but unsafe....


Report from Vupen Security
Vulpen Security:
A vulnerability has been identified in Opera, which could be exploited by remote attackers to compromise a vulnerable system. This issue is caused by a buffer overflow error when processing malformed HTTP "Content-Length:" headers, which could be exploited by remote attackers to crash an affected browser or execute arbitrary code by tricking a user into visiting a web page hosted on a malicious web server.




Opera says bug probably can't commandeer machines
Official Opera spokesman, Thomas Ford:
"We believe that the bug primarily causes a crash, and that exploiting the vulnerability to execute code is extremely difficult, if not impossible" spokesman Thomas Ford
Ford also said Opera is in the process of pushing out an update that patches the bug

http://www.theregister.co.uk/2010/03/05 ... erability/
To not be exposed to any danger Opera users should turn off Data Execution Prevention (DEP)

No comments:

Post a Comment