Opera is one of the really good browsers out there. The browser features many in-built capabilities like managing chat sessions on IRC, reading RSS feeds and working with browsing sessions apart from a common tabbed interface and a state of the art UI.
The browser has a serious and simple security hole which allows causing a buffer overflow by setting a particular header length for any HTTP packet. The exploit Opera crash if insufficient. The hack was discovered by Marcin Ressel, who is an author at hackown.
The vulnerability is caused due to an error when processing HTTP responses having a malformed “Content-Length” header. This can be exploited to cause a heap-based buffer overflow via an overly large 64-bit “Content-Length” value, having the higher 32-bit part negative.
[ Source ]
According to current reports, only version 10.5 of the browser is vulnerable to this type of an attack. The attack though, has no other impact than crashing the browser. The solution to the crash, is to enable DEP which prevents buffer overflows in software.
This bug was discovered at Vupen Security and they are claiming that hack can be used to remotely execute malicious codes and use remote computers as botnets which is quite contrary to what Opera officials are claiming.
Comment on This Post |
Tweet This |
Share on Facebook |
Save to Delicious |
Stumble This |
Digg This |
Reddit This
Don’t miss these Related Posts:
- New Highly Critical Vulnerability Discovered in Opera for Windows
- DEP: the Windows Security Feature has been Cracked
- Opera 10.01 Released – Fixes Multiple Security Vulnerabilities
- Internet Explorer Vulnerability Causes Downloads of Firefox and Opera to Surge in Germany
- Download Phantom of the Opera: Special Edition Opera Browser for Halloween
Join Techie Buzz on Your Favorite Social Networking Sites