Threat Level: green Handler on Duty: Yee Ching Tok

SANS ISC: InfoSec Handlers Diary Blog InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Heap overflow vulnerability in Opera 9.0, 9.01

Published: 2006-10-18
Last Updated: 2006-10-18 20:30:43 UTC
by Bojan Zdrnja (Version: 1)
0 comment(s)
iDefense published details about a heap overflow vulnerability in Opera browsers.
The vulnerability can be exploited with a tag that contains a URL bigger than 256 bytes, and looks like a typical heap overflow which is relatively easy to exploit.

Opera versions 9.0 and 9.01 on both Windows and Linux are confirmed to be vulnerable. Version 8 is not vulnerable.

It is recommended that you upgrade to version 9.02 which fixes this vulnerability: http://www.opera.com/support/search/supsearch.dml?index=848.

Keywords:
0 comment(s)
Diary Archives