Opera uses Mozilla fuzzer to find, fix severe browser flaw
![ryan-naraine.jpg](https://www.zdnet.com/a/img/resize/58705b1ab848cb0209d7d7d504dffaab176d93aa/2014/07/22/4b4e2273-1175-11e4-9732-00505685119a/ryan-naraine.jpg?auto=webp&fit=crop&frame=1&height=192&width=192)
![Opera uses Mozilla fuzzer to find, fix flaw](https://www.zdnet.com/a/img/2014/10/04/47a90acd-4b66-11e4-b6a0-d4ae52e95e57/opera.png)
Using a JavaScript fuzzer released by Mozilla at Black Hat, Opera's security team has found and fixed a "highly severe" browser flaw that could be used in code execution attacks.
The problem:
A virtual function call on an invalid pointer that may reference data crafted by the attacker can be used to execute arbitrary code.
The flaw was found with jsfunfuzz, a JavaScript compiler/decompiler fuzzer built by Jesse Ruderman and released earlier this month by Mozilla security chief Window Snyder.
It is the first in a series of security tools that will be released by the open-source group.
Snyder said all the major browser vendors -- Opera and Microsoft -- were given the fuzzer ahead of time and that they were all comfortable with the idea of making it available to the public.