iDefense published details about a heap overflow vulnerability in Opera browsers.
The vulnerability can be exploited with a tag that contains a URL bigger than 256 bytes, and looks like a typical heap overflow which is relatively easy to exploit.
Opera versions 9.0 and 9.01 on both Windows and Linux are confirmed to be vulnerable. Version 8 is not vulnerable.
It is recommended that you upgrade to version 9.02 which fixes this vulnerability: http://www.opera.com/support/search/supsearch.dml?index=848.
I will be teaching next: Web App Penetration Testing and Ethical Hacking - SANS London July 2019
Oct 18th 2006
1 decade ago