Opera hit by buffer overflow glitch - Techist - Tech Forum

Go Back   Techist - Tech Forum > Computer Software > Microsoft Windows and Software
Click Here to Login
Closed Thread
 
Thread Tools Display Modes
 
Old 10-19-2006, 03:49 PM   #1 (permalink)
Techie Beyond Description
 
Osiris's Avatar
 
Join Date: Jan 2005
Location: Kentucky
Posts: 36,817
Send a message via ICQ to Osiris Send a message via AIM to Osiris Send a message via MSN to Osiris Send a message via Yahoo to Osiris
Default Opera hit by buffer overflow glitch

Opera users are being urged to upgrade to a new version of the browser following the discovery of a potentially serious security bug.

The flaw means that vulnerable versions of the browsers will crash when visiting maliciously constructed web sites containing overly long (more than 256 bytes) URLs. Successful exploitation of this heap-based buffer overflow flaw creates a means for hackers to load malware onto the machines of visiting surfers.

The vulnerability affects versions 9.0 and 9.01 of Opera on Windows and Linux. Version 8.x of the browser software is not at risk to this particular flaw but rather than downgrading a better solution is to upgrade to version 9.02, as explained in Opera's advisory here. Opera described the flaw, discovered by security researcher firm iDefense, as "moderate".


http://www.theregister.com/2006/10/1..._security_bug/
__________________

__________________
Osiris is offline  
Old 10-19-2006, 04:43 PM   #2 (permalink)
Call me Mak or K
Mod Emeritus
 
KSoD's Avatar
 
Join Date: Sep 2004
Location: C:\
Posts: 35,647
Default

Considering that Opera 9.02 has been out since 9/21 i dont see why people wouldnt have upgraded and avoided this flaw altogether.
__________________

__________________
I do not accept support questions via EMail, PM, IM or my G+ page!

Phone: LG Optimus G Pro
Running: Stock JB from LG with Nova Launcher

KSoD is offline  
Old 10-19-2006, 04:47 PM   #3 (permalink)
Master Techie
 
Join Date: Feb 2004
Posts: 2,172
Send a message via AIM to Win2kpatcher
Default

Quote:
Originally posted by Makaveli213
Considering that Opera 9.02 has been out since 9/21 i dont see why people wouldnt have upgraded and avoided this flaw altogether.
There are people who refuse to move off of Windows 98 ;-)
Win2kpatcher is offline  
Old 10-19-2006, 04:56 PM   #4 (permalink)
Banned
 
Join Date: Sep 2005
Posts: 5,191
Default

Haha! Take that Opera users!
The General is offline  
Old 10-19-2006, 05:05 PM   #5 (permalink)
PowerQuest / Opera
 
TheMajor's Avatar
 
Join Date: Jun 2004
Location: Netherlands
Posts: 10,177
Default

Vulnerablility has been discovered quite a while after 9.02 was released. Nothing to worry about.
Firefox has a lot more vulnerabilities.
__________________
TheMajorMMX - Intel P200 MMX @ 225Mhz - V-Tech (PcPartner) Baby-AT mb w/ Intel Triton TX chipset - Nvidia Riva TNT2 M64 w/ 16MB - 256MB M-Tec SDRAM - Still running.....
TheMajor is offline  
Old 10-19-2006, 07:55 PM   #6 (permalink)
Techie Beyond Description
 
Osiris's Avatar
 
Join Date: Jan 2005
Location: Kentucky
Posts: 36,817
Send a message via ICQ to Osiris Send a message via AIM to Osiris Send a message via MSN to Osiris Send a message via Yahoo to Osiris
Default

they all have thousands of issues, its just a matter of finding them
__________________
Osiris is offline  
Old 10-19-2006, 07:57 PM   #7 (permalink)
Techie Beyond Description
 
Osiris's Avatar
 
Join Date: Jan 2005
Location: Kentucky
Posts: 36,817
Send a message via ICQ to Osiris Send a message via AIM to Osiris Send a message via MSN to Osiris Send a message via Yahoo to Osiris
Default

Microsoft responded Thursday to reports of the first exploit affecting Internet Explorer 7, which cropped up less than 24 hours after the browser's official launch. Christopher Budd from Microsoft's Security Response Center says the flaw lies not in IE7, but in an Outlook Express component.

This fact could explain why the problem first surfaced back in November 2003 and was found to affect IE6 last April. "While these reports use Internet Explorer as a vector the vulnerability itself is in Outlook Express," Budd said. Microsoft notes it has received no reports of any attacks against customers, but is investigating the situation and may release a patch if necessary.


http://www.betanews.com/article/MS_I...ess/1161290765
__________________

__________________
Osiris is offline  
Closed Thread

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off




Copyright 2002- Social Knowledge, LLC All Rights Reserved.

All times are GMT -5. The time now is 04:57 PM.


Powered by vBulletin® Version 3.8.8 Beta 1
Copyright ©2000 - 2017, vBulletin Solutions, Inc.