Ravens PHP Scripts

Opera Multiple Vulnerabilities
Date: Thursday, April 03, 2008 @ 19:36:16 CEST
Topic: Security


VERIFY ADVISORY: http://secunia.com/advisories/29662/

CRITICAL: Highly critical

IMPACT: System access

Opera 9.x http://secunia.com/product/10615/
Opera 5.x http://secunia.com/product/82/
Opera 6.x http://secunia.com/product/81/
Opera 7.x http://secunia.com/product/761/
Opera 8.x http://secunia.com/product/4932/

DESCRIPTION: Some vulnerabilities have been reported in Opera, which potentially can be exploited by malicious people to compromise a user's system. Successful exploitation of the vulnerabilities may allow execution of arbitrary code. The vulnerabilities are reported in versions prior to 9.27.

1) An error when prompting the user to add a newsfeed can be exploited to cause an invalid memory access via a specially crafted newsfeed source.
2) An error exists in the processing of HTML CANVAS elements. This can be exploited to cause a memory corruption via specially crafted scaled pattern images.

SOLUTION: Update to version 9.27.

PROVIDED AND/OR DISCOVERED BY: The vendor credits Michal Zalewski.

ORIGINAL ADVISORY: Opera: http://www.opera.com/support/search/view/881/ - http://www.opera.com/support/search/view/882/

This article comes from Ravens PHP Scripts

The URL for this story is: