|
|
To print: Select File and then Print from your browser's menu
-------------------------------------------------------------- This story was printed from ZDNet Australia. --------------------------------------------------------------
|
Opera update plugs security holes By Patrick Gray, 0 November 24, 2003 URL: http://www.zdnet.com.au/news/security/soa/Opera-update-plugs-security-holes/0,130061744,120281312,00.htm
A new version of Opera, released on Friday, fixes two vulnerabilities in the popular Web browser. The vulnerabilities, disclosed to the bugtraq security mailing list over the weekend, allow rogue Web sites to take control of a victim's computer by exploiting weaknesses in the way the browser handles skin files. An advisory, written by Jouko Pynnönen of Finland, describes scenarios which would allow an attacker to seize control of systems running Opera, all of which require some degree of user interaction to be successfully exploited. "In order to be exploited, these vulnerabilities require the victim to visit a Web page created by a malicious user," he wrote. While Pynnönen says one vulnerability affects Windows systems only, the second, buffer overflow vulnerability will allow an attacker to take control of Linux based systems. "The directory traversal problem doesn't exist on Linux... Other versions weren't tested," the advisory read. "[However] the buffer overflow can be produced on Linux, too." A new version of Opera is available here.
Copyright © 2009 CBS Interactive, a CBS Company. All Rights Reserved. |
