Opera 10.61 Is Out, Fixes High Severity Vulnerability
Article by George Norman
On 13 Aug 2010
After the release of Opera 10.6 this July, the Norwegian software developer follows up with the release of Opera 10.61, an update that all Opera 10.6 users should get. There is a very good reason why Opera users should get the update: security. You see, Opera 10.61 is a security and stability update that fixes a high severity vulnerability.

If exploited by a person with malicious intent, this high severity vulnerability could allow the hacker to execute harmful code and take complete control of a target computer. Here are the details Opera Software released:

Advertising

Title: Heap buffer overflow in HTML5 canvas can be used to execute arbitrary code
Severity: High (Opera uses a 5-tier severity rating: none, low, moderate, high and critical).
Description: Performing some painting operations on a canvas while certain transformations are being applied in Opera may result in heap buffer overflows. In most cases Opera will just
freeze or terminate, but in some cases this could lead to a crash which could be used to execute code. To inject code, additional techniques will have to be employed.
Credit: this vulnerability was reported by Kuzzcc.

Opera 10.61 plugs two other security holes: a moderate severity vulnerability and a low severity vulnerability.

Here are the details on the moderate vulnerability:
Title: Unexpected changes in tab focus can be used to run programs from the Internet
Severity: Moderate
Description: Tabs may be used to obscure a download dialog that is visible in another tab. The dialog will allow the user to choose to run downloaded executables directly. If the tab
is closed or hidden at the moment that a user was about to click, they can end up clicking on the buttons in the dialog, causing the downloaded file to be executed. Previous versions of Opera had a delay before the button would respond to counteract this possibility. A recent interface change caused this protection not to function correctly.
Credit: Secunia’s Jakob Balle and Sven Krewitt reported this issue to Opera Software

And here are the details on the low vulnerability:
Title: News feed preview can subscribe to feeds without interaction
Severity: Low
Description
: When Opera is previewing a news feed, certain types of content do not have their scripts removed correctly. These scripts are able to subscribe the user to the feed
without their consent.
Credit: This issue was reported to Opera Software by Alexios Fakos.

If you would like to get Opera 10.61, you can download the browser here.
A full changelog is available here.



Tags: Opera Software, Opera 10.61
About the author: George Norman
George is a news editor.
You can follow him on Google+, Facebook or Twitter

I Hope you LIKE this blog post! Thank you!
What do YOU have to say about this
blog comments powered by Disqus
Popular News
By George Norman on 17 Aug 2017
With the blockbuster movie season upon us, Sony decided to celebrate the occasion with a sale: the Attack of the Blockbusters Sale that offers discounts of up to 50% (60% if you’re a PlayStation Plus member) on a ton of PS4 video games.
By George Norman on 17 Aug 2017
Samsung’s new T5 portable solid-state drive (PSSD) uses the latest 64-layer V-NAND technology, offers between 250GB and 2TB of storage capacity, has a lightweight and shock-resistant design that’s smaller than the average business card, and delivers industry-leading transfer speeds of up to 540 MB/s.
Related News
By George Norman on 14 Aug 2017
Opera Max, the Android app that uses compression technology to help you save data and get up to 50% more from your data plan, has been discontinued. The app is no longer featured on Opera.com and it’s no longer listed on Google Play.
Sponsored Links
Hot Software Updates
Top Downloads
Become A Fan!
Link To Us!
Opera 10.61 Is Out, Fixes High Severity Vulnerability
HTML Linking Code