Threat Level: green Handler on Duty: Russ McRee

SANS ISC: Heap overflow vulnerability in Opera 9.0, 9.01 SANS ISC InfoSec Forums

Special Webcast: What you need to know about the crypt32.dll vulnerability. Register Now

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Heap overflow vulnerability in Opera 9.0, 9.01
iDefense published details about a heap overflow vulnerability in Opera browsers.
The vulnerability can be exploited with a tag that contains a URL bigger than 256 bytes, and looks like a typical heap overflow which is relatively easy to exploit.

Opera versions 9.0 and 9.01 on both Windows and Linux are confirmed to be vulnerable. Version 8 is not vulnerable.

It is recommended that you upgrade to version 9.02 which fixes this vulnerability: http://www.opera.com/support/search/supsearch.dml?index=848.

I will be teaching next: Web App Penetration Testing and Ethical Hacking - SANS Brussels February 2020

Bojan

388 Posts
ISC Handler

Sign Up for Free or Log In to start participating in the conversation!