Heads up Opera users. New Vulnerability.

Page 1 of 3 123 LastLast

  1. Posts : 76
    Windows 7 RTM
       #1

    Heads up Opera users. New Vulnerability.


    Opera's latest release of 10.5 has a 'highly critical' security flaw. Secuina reports that this vulnerability may allow execution of remote code, and that it may also impact version 10.1 as well as 10.5. You can read more about it at this link.

    Marcin Ressel has discovered a vulnerability in Opera, which can be exploited by malicious people to compromise a user's system.

    The vulnerability is caused due to an error when processing HTTP responses having a malformed "Content-Length" header. This can be exploited to cause a heap-based buffer overflow via an overly large 64-bit "Content-Length" value, having the higher 32-bit part negative.

    Successful exploitation may allow execution of arbitrary code.

    The vulnerability is confirmed in version 10.50 for Windows. Other versions may also be affected.

    Solution
    Do not browse untrusted websites or follow untrusted links.
      My Computer


  2. sa1
    Posts : 5
    Win XP
       #2

    Secunia advisory 38820 (Content-Length Buffer Overflow in 10.50) turned out to be invalid. It is not exploitable.

    Twitter / Haavard: Secunia advisory 38820 (Co ...
      My Computer


  3. Posts : 76
    Windows 7 RTM
    Thread Starter
       #3

    sa1 said:
    Secunia advisory 38820 (Content-Length Buffer Overflow in 10.50) turned out to be invalid. It is not exploitable.

    Twitter / Haavard: Secunia advisory 38820 (Co ...
    Oh believe me, it's exploitable. Plenty much so. There are proof of concept attacks already published on the web, but I won't link to live exploits on this forum. I wouldn't be surprised if Opera is just trying to downplay this issue to the point of making people not care about it, because they just released 10.5 and it'll be another few months before they fix the gaping security hole.

    I'm pretty sure they're going to get into BIG trouble over this one if they play it that way. That's what got Adobe into trouble with the Aurora attacks, and one of the reasons that Google got hacked.
      My Computer


  4. sa1
    Posts : 5
    Win XP
       #4

    Can you PM me a link where the php code works? (Only if its acceptable to you. I won't spread it.). I want to try for myself.
    I don't know if they are playing the security-by-obscurity card. But haavard is only an employee and this is not the official Opera reply yet. At least they have a good track record at patching vulnerabilities quickly that do make it out into the open unlike IE. So hopefully if what you are saying is true, it should be fixed quickly.
      My Computer


  5. Posts : 76
    Windows 7 RTM
    Thread Starter
       #5

    sa1 said:
    Can you PM me a link where the php code works? (Only if its acceptable to you. I won't spread it.). I want to try for myself.
    I don't know if they are playing the security-by-obscurity card. But haavard is only an employee and this is not the official Opera reply yet. At least they have a good track record at patching vulnerabilities quickly that do make it out into the open unlike IE. So hopefully if what you are saying is true, it should be fixed quickly.
    Sure, I'll PM you with the URL to the PHP exploit as soon as I can. EDIT: For some reason the forums say you've been set to not receive private messages. Sorry, I can't seem to send you the link because of this!

    Notable, SANS just picked up this story as well. Their reporting says that there are actually two overflow vulnerabilities - one is a DoS crash, the other allows remote code execution. See this story for more details.
      My Computer


  6. Posts : 8,476
    Windows® 8 Pro (64-bit)
       #6

    Never used Opera.
      My Computer


  7. sa1
    Posts : 5
    Win XP
       #7

    Don't know why I am not configured to receive PMs but I didn't find an option.
    However I found the php exploit on the web.
    I was not able to make it run on my localhost. Not sure if there are any requirements.
    Regarding the DoS problem, thats not a security issue in my opinion, more a stability issue. You won't be compromised that way.
    Edit: haavard posted yet another message:
    http://twitter.com/opvard/status/10034578436
    Last edited by sa1; 05 Mar 2010 at 13:28.
      My Computer


  8. Posts : 408
    Windows 7 Home Premium 64-bit
       #8

    Dinesh said:
    Never used Opera.
    Then you are missing out. Opera is the ONLY browser I will ever use. This 10.50 version is fast...very, very fast.
      My Computer


  9. Posts : 170
    Windows Seven x64
       #9

    TheIgster said:
    Dinesh said:
    Never used Opera.
    Then you are missing out. Opera is the ONLY browser I will ever use. This 10.50 version is fast...very, very fast.
    Eh I dont know it crashes on heavy flash based websites like this sometimes.
    allkpop ? breaking k-pop celebrity gossip and news!

    Believe me i like Opera a lot but its still not ready. Its adobe issue with flash but I also hate that it appears with multiples on my task bar instead of me using the tabs built into the browser. I like the sleekness but what made it a very fun browser has me lost. I am not willing to part because of its gestures for right and left clicking with forward and backwards on web-pages.
    Jump-list and private is nice but I think ill roll back to 10.1 today
      My Computer


  10. Posts : 135
    Windows 7 Ultimate 32-bit Version 6.1 (build 7600.16385)
       #10

    Awww...I was just planning on a move. Oh well back to Firefox...
      My Computer


 
Page 1 of 3 123 LastLast

  Related Discussions
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 03:31.
Find Us