Opera patches two browser security flaws
Results 1 to 3 of 3

Thread: Opera patches two browser security flaws

  1. #1
    In And Above Man Black Cluster's Avatar
    Join Date
    Feb 2005
    Posts
    912

    Opera patches two browser security flaws

    Opera Software ASA has released an upgrade addressing two serious security flaws involving Macromedia's Flash Player and a code execution bug affecting Linux and Unix users.

    The first problem relates to Flash Player and was made public earlier this month. Macromedia warned that the bug in Flash Player, a widely used piece of desktop software, could allow attackers to take over a system.

    The security research firm co-credited with discovering the bug, eEye, said it had demonstrated "reliable exploitation" using the bug in the Internet Explorer browser, but other browsers are also said to be just as open to attack.

    Opera's fix arrived this week with Opera 8.5.1, which includes Flash Player version 7r61, fixing the problem.

    The release also fixes a problem identified by Secunia Research, involving the shell script used to launch Opera in Linux and Unix environments. The flawed script processes shell commands enclosed in URLs passed to Opera via the command line.

    That means an attacker could execute malicious shell commands on a user's system via an innocent-seeming URL in an email message, for example. The command would be executed when the user clicked on the URL and invoked Opera.

    The shell script bug doesn't just affect Opera -- it is a variant of a problem with the Firefox browser disclosed in September.

    Opera said the update also improves stability when viewing pages with Java for users of Japanese Mac OS X systems.

    Source
    \"The only truly secure system is one that is powered off, cast in a block of concrete and sealed in a lead-lined room with armed guards - and even then I have my doubts\".....Spaf
    Everytime I learn a new thing, I discover how ignorant I am.- ... Black Cluster

  2. #2
    Leftie Linux Lover the_JinX's Avatar
    Join Date
    Nov 2001
    Location
    Beverwijk Netherlands
    Posts
    2,535
    The release also fixes a problem identified by Secunia Research, involving the shell script used to launch Opera in Linux and Unix environments. The flawed script processes shell commands enclosed in URLs passed to Opera via the command line.
    I played with that one
    rather funny..

    Update your Opera's (not that they don't warn you any time you start and an update is out)..
    ASCII stupid question, get a stupid ANSI.
    When in Russia, pet a PETSCII.

    Get your ass over to SLAYRadio the best station for C64 Remixes !

  3. #3
    Senior Member
    Join Date
    Nov 2005
    Posts
    316
    got the updated version. had to unintall the opera 8.5.1 though.

    and the best part is, its free. wonder why they were charging everybody in the past. a lot of people bought too.
    you are entering the vicinity of an area adjecent to the location.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

 Security News

     Patches

       Security Trends

         How-To

           Buying Guides