- Active Links: 4697
- Pending Links: 347
- Todays Links: 0
- Active Articles: 32
- Pending Articles: 415
- Todays Articles: 0
- Total Categories: 33
- Sub Categories: 153
- Advisories and Patches
- Authentication
- Biometrics
- Blog
- Books
- Conference
- Consultants
- Country Specific
- Cryptography
- Device Management
- Directories
- Enviromental Safety
- Firewalls
- General Ads
- Hardening
- Honeypots and Honeynets
- Internet
- IPS/IDS
- Job Seeker
- Malicious Software
- News and Media
- Operating Systems
- Patch Management
- Physical Security
- Policy
- Products and Tools
- Public Key Infrastructure
- Security Information and Even Management (SIEM)
- Telecommunication
- VPN
- Vulnerability Management (VM)
- Wireless Networks
'Highly critical' flaw found in Opera browser |
|
| Date Added: March 10, 2010 03:45:15 AM | |
| Author: | |
| Category: Advisories and Patches | |
Security researchers are sounding the alarm for an unpatched, remote code execution flaw in the Opera Web browser. The vulnerability, rated “highly critical” by Secunia, can be exploited by malicious people to take complete control a user’s system.
From Secunia’s advisory: The vulnerability is caused due to an error when processing HTTP responses having a malformed “Content-Length” header. This can be exploited to cause a heap-based buffer overflow via an overly large 64-bit “Content-Length” value, having the higher 32-bit part negative. The vulnerability is confirmed in version 10.50 for Windows. Other versions may also be affected. In the absence of a patch, Opera users are urged to avoid browsing to untrusted Web sites or switch to an alternative browser. |
|
|
|
|