Opera Fixes High-Severity Hole

Wednesday, November 21, 2012 @ 09:11 AM gHale


The 12.11 release of Opera’s web browser addresses a high-severity security vulnerability that could allow a remote attacker to execute arbitrary code on a victim’s system.

The problem in previous versions of the browser was because of an error when handling HTTP responses that caused a heap-based buffer overflow, the company said.

RELATED STORIES
Opera Site Serving Malvertising
Malware Alert: USB Smart Readers
New Java Attack in Exploit Kit
Malware with Terms of Service Pact

For an attack to be successful, a victim must first visit a maliciously crafted site.

The update also closes a low-severity security hole that could detect what files a user has on their machine.

Non-security-related changes include fixes for several issues related to the SPDY networking protocol, a problem that prevented Google’s Gmail email service from loading, and a crashing bug under Mac OS X. Opera advises all users to upgrade to the latest version.

Opera 12.11 is available to download for Windows, Mac OS X, Linux, FreeBSD and Solaris from the company’s site.



Leave a Reply

You must be logged in to post a comment.