Opera 10.5: First Vulnerability Uncovered, Opera Says It Is Almost Impossible to Exploit

Article by George Norman (Cybersecurity Editor)

on 08 Mar 2010

It seems something slipped by the development team of Opera 10.5 during its speedy development process – just to put things in perspective, in just two days a grand total of 5 release candidates were rolled out; and on the third day the final, stable version of Opera 10.5 was made available for download.

Why the big rush? Opera 10.5 final had to be released by at the start of the month because this month is when Microsoft rolled out the choice screen (the browser ballot screen presented to Windows users in Europe that have Internet Explorer set as default). Judging by the fact that Opera 10.5 downloads reportedly tripled since Microsoft started to present its customers with the choice screen, it becomes obvious why Opera 10.5 had to be released this month.

So what did slip by? According to Vupen Security, company that specializes in providing vulnerability management and intelligence solutions, Opera 10.5 and previous versions are affected by a vulnerability that if exploited by a person with malicious intent, could lead to remote code execution.

“A vulnerability has been identified in Opera, which could be exploited by remote attackers to compromise a vulnerable system. This issue is caused by a buffer overflow error when processing malformed HTTP "Content-Length:" headers, which could be exploited by remote attackers to crash an affected browser or execute arbitrary code by tricking a user into visiting a web page hosted on a malicious web server,” says Vupen Security.

The good news is that the vulnerability primarily causes the browser to crash; exploiting the vulnerability so as to run arbitrary code on the targeted machine is extremely difficult, if not impossible, said Opera spokesperson Thomas Ford. To stay safe and protected, users need only turn on DEP (Data Execution Prevention), a security feature present in modern Windows versions. Learn how to turn on DEP by clicking on one of the following links: XP users here, Vista users here and Windows 7 users here.

If you would like to get Opera 10.5, download the software here.



Latest News


Sony's 'Attack of the Blockbusters Sale' Slashes Prices in Half for a Ton of PS4 Games

17 Aug 2017

How Samsung's New T5 Compares to the Old T3 Portable SSD (Infographic)

17 Aug 2017

See all