Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: InfoSec Handlers Diary Blog InfoSec Handlers Diary Blog

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Unpatched Opera 10.50 and below code execution vulnerability

Published: 2010-03-05
Last Updated: 2010-03-05 16:03:04 UTC
by Kyle Haugsness (Version: 1)
1 comment(s)

Several mailing lists and readers (Juha-Matti) are reporting publicly available exploits for Opera 10.50 for Windows and below.  There actually seems to be at least two different vulnerabilities, both unpatched at this time.  One of them seems to be a DoS resulting in a browser crash, but the other looks like it will allow full code execution.  The vulnerability finders seem to indicate that these issues are known to exist in previous versions of the Opera also.  These are fairly serious and until Opera patches them, you may be well advised to stop using them for the time being.


-Kyle Haugsness

Keywords: opera
1 comment(s)
Diary Archives