X
Tech
Home Tech Security

Opera updates browser to plug security holes

Security flaws in the Opera browser, which opened both Windows- and Linux-based systems to attack, have been patched in the latest version
Written by Patrick Gray, Contributor

A new version of Opera, released on Friday, fixes two vulnerabilities in the popular Web browser.

The vulnerabilities, disclosed to the BugTraq security mailing list over the weekend, allow rogue Web sites to take control of a victim's computer by exploiting weaknesses in the way the browser handles skin files.

An advisory, written by Jouko Pynnönen of Finland, describes scenarios which would allow an attacker to seize control of systems running Opera, all of which require some degree of user interaction to be successfully exploited.

"In order to be exploited, these vulnerabilities require the victim to visit a Web page created by a malicious user," he wrote.

While Pynnönen says one vulnerability affects Windows systems only, the second, buffer overflow vulnerability will allow an attacker to take control of Linux-based systems.

"The directory traversal problem doesn't exist on Linux... Other versions weren't tested," the advisory read. "[However] the buffer overflow can be produced on Linux, too."

A new version of Opera is available here.

Editorial standards
Show Comments

Related

prioritize-hands-on-images

Buy a Costco membership for just $20 right now

The Creative Aurvana Ace 2 earbuds.

I listened to wireless earbuds with xMEMs drivers and they've set a new standard for me

Trophy technology

GPT-4 Turbo reclaims 'best AI model' crown from Anthropic's Claude 3