nav search
Data Center Software Security Transformation DevOps Business Personal Tech Science Emergent Tech Bootnotes BOFH

Opera hit by buffer overflow glitch

Big links crash browser

By John Leyden, 19 Oct 2006

Opera users are being urged to upgrade to a new version of the browser following the discovery of a potentially serious security bug.

The flaw means that vulnerable versions of the browsers will crash when visiting maliciously constructed web sites containing overly long (more than 256 bytes) URLs. Successful exploitation of this heap-based buffer overflow flaw creates a means for hackers to load malware onto the machines of visiting surfers.

The vulnerability affects versions 9.0 and 9.01 of Opera on Windows and Linux. Version 8.x of the browser software is not at risk to this particular flaw but rather than downgrading a better solution is to upgrade to version 9.02, as explained in Opera's advisory here. Opera described the flaw, discovered by security researcher firm iDefense, as "moderate". ®

The Register - Independent news and views for the tech community. Part of Situation Publishing