Homepage tabWindows tabGames tabDrivers tabMac tabLinux tabScripts buttonMobile tabHandheld tabGadgets tabNews tab


NEWS CATEGORIES:



NEWS ARCHIVE >>
SOFTPEDIA REVIEWS >>
MEET THE EDITORS >>
Home / News / Security

Security

Opera 9.0 Vulnerability Allows for DoS

The bug is yet to be fixed

By Marius Oiaga, Technology News Editor

23rd of June 2006, 13:01 GMT

Adjust text size:


Just three days after coming out of its Beta phase and being released in its final version on the market a vulnerability has been reported in Opera 9.0. The flaw is a result of the application's
memory management when it is processing a malicious HTML document.

At the source of the vulnerability lies the way in which a hypertext anchor in a HTML document is used to reference a link. If the HREF (Hypertext REFefence) tag is designed of an excessive length, then an attacker can use that to create a DoS (Denial of Service) condition. The moment a user loads a HTML document that contains the malicious HREF tag, the browser will crash. Opera 9.0 is the sole version for which this vulnerability has been reported. So far, Opera has not issued any response or patch to fix the vulnerability.

When the browser Opera 9.0 was still in Beta phase, another vulnerability was reported relating to an integer overflow condition created by the application's attempt to process a specially crafted JPEG image that would allow an attacker access via a network and the possibility of arbitrary code execution. This vulnerability affected the Beta version and the ones prior to that but the flaw was repaired in Opera 9.0.

Both issues were declared particular vulnerabilities and received a Generic-Map-Nomatch tag.
Read by 1,717 user(s) | Add comment | Link to this article TWEET THIS


Article rating:
Good (3.2/5) 9 vote(s)    

Subscribe to news | Print article | Send to friend

© Copyright 2001-2009 Softpedia
Contact:

 

 

SEARCH THE NEWS ARCHIVE :




Today's News | Yesterday's News | News Archive


MORE RELATED ARTICLES:


Opera Releases Opera Mobile 8.6 for PocketPCs

Sell, Bid and Buy on eBay with Opera Mini Mobile Browser

Opera 9 Released

User opinions:


Comment #1 by: RadicalSatDude on 24 Jun 2006, 13:19 GMT reply to this comment

It's only a crash bug, but cannot be exploited.

Official Comment here:
http://my.opera.com/community/forums/topic.dml?id=145390

Crash Bug Discussion here:
http://my.opera.com/community/forums/topic.dml?id=144497

Share your opinion:

Your Name:
Your Email Address:
(will not be used for commercial purposes)
Solve this to prove you're not a bot: =
Your review/opinion:

 




Windows tabGames tabDrivers tabMac tabLinux tabScripts tabMobile tabHandheld tabGadgets tabNews tab

SUBMIT PROGRAM   |   ADVERTISE   |   GET HELP   |   SEND US FEEDBACK   |   RSS FEEDS   |   ENTER NEWS SITE   |   ENGLISH BOARD   |   ROMANIAN FORUM
© 2001 - 2009 Softpedia. All rights reserved.
Softpedia® and the Softpedia® logo are registered trademarks of SoftNews NET SRL.		 Copyright Information | Privacy Policy | Terms of Use | Update your software | Archive