Opera 10.5: First Vulnerability Uncovered, Opera Says It Is Almost Impossible to Exploit
It seems something slipped by the development team of Opera 10.5 during its speedy development process – just to put things in perspective, in just two days a grand total of 5 release candidates were rolled out; and on the third day the final, stable version of Opera 10.5 was made available for download.
Why the big rush? Opera 10.5 final had to be released by at the start of the month because this month is when Microsoft rolled out the choice screen (the browser ballot screen presented to Windows users in Europe that have Internet Explorer set as default). Judging by the fact that Opera 10.5 downloads reportedly tripled since Microsoft started to present its customers with the choice screen, it becomes obvious why Opera 10.5 had to be released this month.
So what did slip by? According to Vupen Security, company that specializes in providing vulnerability management and intelligence solutions, Opera 10.5 and previous versions are affected by a vulnerability that if exploited by a person with malicious intent, could lead to remote code execution.
“A vulnerability has been identified in Opera, which could be exploited by remote attackers to compromise a vulnerable system. This issue is caused by a buffer overflow error when processing malformed HTTP "Content-Length:" headers, which could be exploited by remote attackers to crash an affected browser or execute arbitrary code by tricking a user into visiting a web page hosted on a malicious web server,” says Vupen Security.
The good news is that the vulnerability primarily causes the browser to crash; exploiting the vulnerability so as to run arbitrary code on the targeted machine is extremely difficult, if not impossible, said Opera spokesperson Thomas Ford. To stay safe and protected, users need only turn on DEP (Data Execution Prevention), a security feature present in modern Windows versions. Learn how to turn on DEP by clicking on one of the following links: XP users here, Vista users here and Windows 7 users here.
If you would like to get Opera 10.5, download the software here.
Tags: Opera Software, Opera 10.5, Security, Vupen Security, Vulnerability
Why the big rush? Opera 10.5 final had to be released by at the start of the month because this month is when Microsoft rolled out the choice screen (the browser ballot screen presented to Windows users in Europe that have Internet Explorer set as default). Judging by the fact that Opera 10.5 downloads reportedly tripled since Microsoft started to present its customers with the choice screen, it becomes obvious why Opera 10.5 had to be released this month.
Advertising
So what did slip by? According to Vupen Security, company that specializes in providing vulnerability management and intelligence solutions, Opera 10.5 and previous versions are affected by a vulnerability that if exploited by a person with malicious intent, could lead to remote code execution.
“A vulnerability has been identified in Opera, which could be exploited by remote attackers to compromise a vulnerable system. This issue is caused by a buffer overflow error when processing malformed HTTP "Content-Length:" headers, which could be exploited by remote attackers to crash an affected browser or execute arbitrary code by tricking a user into visiting a web page hosted on a malicious web server,” says Vupen Security.
The good news is that the vulnerability primarily causes the browser to crash; exploiting the vulnerability so as to run arbitrary code on the targeted machine is extremely difficult, if not impossible, said Opera spokesperson Thomas Ford. To stay safe and protected, users need only turn on DEP (Data Execution Prevention), a security feature present in modern Windows versions. Learn how to turn on DEP by clicking on one of the following links: XP users here, Vista users here and Windows 7 users here.
If you would like to get Opera 10.5, download the software here.
Tags: Opera Software, Opera 10.5, Security, Vupen Security, Vulnerability
I Hope you LIKE this blog post! Thank you!
What do YOU have to say about this
blog comments powered by Disqus
Popular News
By George Norman on 10 Feb 2012
With the release of Wolfram|Alpha Pro, the team behind the popular computational knowledge engine took a very big step forward
By George Norman on 10 Feb 2012
Microsoft has just announced that this February, as part of the Patch Tuesday program, it will roll out a grand total of 9 security bulletins to all customers all over the world.Related News
By George Norman on 05 Jan 2012
This is proof that there are a lot of threats on the web and the perfect example of why you should use a properly good security solution to secure your data against viruses and other malware
By George Norman on 17 Nov 2011
We all know that the internet is a dangerous place. There are all sorts of nasties out there, from viruses and worms to scammers and cyber criminals. As a parent, it is your task to make sure that your children stay safe online. This means you have to
By George Norman on 11 Nov 2011
On Thursday, the 10th of November, Norwegian developer Opera Software announced that the Beta version of Opera 11.60 has been released to the public. This version of the Opera web browser carries the codename “Tunny”, which is another name for tuna, a fish known for 
By George Norman on 28 Nov 2011
Back in August we were reporting that Avast has a grand total of 160 million registered Avast! Free Antivirus Users. Fabricia from Brazil, the 160 millionth user to register the free antivirus product was rewarded withAdvertising
Hot Software Updates
Top Downloads
2.
Opera5.
Trillian8.
AIM9.
Skype10.
Ad-Aware12.
Nero13.
Google Earth14.
Picasa15.
Winamp16.
iTunes17.
RealPlayer18.
uTorrent19.
eMule20.
WinRAR21.
BitComet22.
WinZip23.
Shareaza24.
CCleaner25.
Recuva26.
Tweak UI27.
CuteFTP Home29.
Adobe Reader30.
NewsPiperBecome A Fan!
Link To Us!
Opera 10.5: First Vulnerability Uncovered, Opera Says It Is Almost Impossible to Exploit
HTML Linking Code
HTML Linking Code