Advertisement
Promo

Security threats Toolkit

Opera updates browser to plug security holes

Patrick Gray ZDNet Australia

Published: 24 Nov 2003 09:25 GMT

  • Email
  • Trackback
  • Clip Link
  • Print friendly
  • Post Comment

A new version of Opera, released on Friday, fixes two vulnerabilities in the popular Web browser.

The vulnerabilities, disclosed to the BugTraq security mailing list over the weekend, allow rogue Web sites to take control of a victim's computer by exploiting weaknesses in the way the browser handles skin files.

An advisory, written by Jouko Pynnönen of Finland, describes scenarios which would allow an attacker to seize control of systems running Opera, all of which require some degree of user interaction to be successfully exploited.

"In order to be exploited, these vulnerabilities require the victim to visit a Web page created by a malicious user," he wrote.

While Pynnönen says one vulnerability affects Windows systems only, the second, buffer overflow vulnerability will allow an attacker to take control of Linux-based systems.

"The directory traversal problem doesn't exist on Linux... Other versions weren't tested," the advisory read. "[However] the buffer overflow can be produced on Linux, too."

A new version of Opera is available here.

  • Email
  • Trackback
  • Clip Link
  • Print friendlyPrint with EPSON

Did you find this article useful?
51 out of 101 people found this useful


In association with HP

Talkback

Post a comment


Full Talkback thread

0 comments

Related Links

More In Security threats


Company/Topic Alerts

Create a new alert from the list below:






Related BlackBerry Resources

Protecting the BlackBerry Device Platform Against Malware

BlackBerry Devices with Bluetooth - Security Overview

BlackBerry Enterprise Server IT Policy

BlackBerry Enterprise Solution - Security Technical Overview

BlackBerry Enterprise Solution and RSA SecurID

CIO's Guide to Mobile Security

See All White Papers

Video icon

Video

Sentry Posts Blog

Official Organizations Losing Data

How does this article from earlier today make you feel? How many more government, health service, or military officials are going to lose pen drives, DVDs, USB hard disks and even entire... More

2 comments

Twitter hack was DNS redirect

Twitter has said an attack on Thursday which took the site offline for many users was the result of a DNS redirect. A group calling itself the Iranian Cyber Army redirected users... More

1 comment

McKinnon lawyers seek judicial review

Lawyers seeking a judicial review for Nasa hacker Gary McKinnon lodged fresh evidence of his psychiatric state at the High Court on Thursday. Karen Todner, McKinnon's solicitor,... More

1 comment

Win a BlackBerry with Vlingo voice recognition

Win a BlackBerry with Vlingo voice recognition

What is ZDNet UK's usual tagline?

Competition closes - 14 Jan 2010


Skip Sub Navigation Links to CNET Brand Links

Help

Become part of the ZDNet community.

ALL TOOLKITS

Blogs

Newsletters