Opera 10.10 Plugs Extremely and Highly Severe Security Holes

Article by George Norman (Cybersecurity Editor)

on 24 Nov 2009

The Opera Software team recently announced the release of Opera 10.10 as a final, stable software application. The most interesting thing about Opera 10.10 is that it has Opera Unite built in. Thanks to Opera Unite, users can turn their computer into a web server; they can, for example, share photos online or stream music to a mobile phone, game console or another computer. As CEO Jon von Tetzchner sees it, Opera Unite helps the company deliver on its promise to reinvent the web – a promise Opera made when it first announced Opera Unite.

“We promised Opera Unite would reinvent the Web. What we are really doing is reinventing how we as consumers interact with the Web. By giving our devices the ability to serve content, we become equal citizens on the Web. In an age where we have ceded control of our personal data to third-parties, Opera Unite gives us the freedom to choose how we will share the data that belongs to us,” commented Jon von Tetzchner.

If Opera Unite is not enough to push you to update to version 10.10, here is something that just might – the 10.10 update fixes an extremely severe and a highly severe security vulnerability. For security reasons at least, you should update your Opera browser to version 10.10.

The extremely severe vulnerability is a heap overflow in string-to-number conversion. When Opera uses JavaScript to parse very long strings through the string-to-number conversion, it may lead to a heap buffer overflow. Most of the time this will result in Opera freezing or terminating. In some instances Opera will crash – if someone with malicious intent could get Opera to crash in this manner, then it could lead to remote code execution. Additional techniques would have to be used to inject code, though.

The highly severe vulnerability concerns error messages that can leak to unrelated sites. Normally, scripting error messages are available only to the page that caused the error. In some instances these error messages could be passed to other sites – which is an issue if the error messages contain sensitive information. This vulnerability could be used for cross-site scripting. The upside is that the vulnerability only affects installations where stack traces for exceptions are enabled (they are not enabled by default).

It should be noted that Opera 10.10 also fixes a moderately severe issue uncovered by Google Security Team member Chris Evans. Details on this vulnerability are being withheld for the time being. Opera Software announced it would disclose them “at a later date”.

