|
Opera BitTorrent Header Parsing Vulnerability
|
|
|
|
|
Secunia Advisory:
|
SA26138
|
|
|
Release Date:
|
2007-07-19
|
|
Last Update:
|
2007-07-27
|
|
|
Critical:
|
Highly critical
|
|
Impact:
|
System access
|
|
Where:
|
From remote
|
|
Solution Status:
|
Vendor Patch
|
|
| Software: | Opera 9.x
|
| | CVE reference: | CVE-2007-3929 (Secunia mirror)
|
|
|
Want to know the next time vulnerabilities are fixed in this product?
- Companies can be alerted via email and SMS! |
|
|
Description:
A vulnerability has been reported in Opera, which can be exploited by malicious people to compromise a user's system
The vulnerability is caused due to Opera using already freed memory when parsing BitTorrent headers and can lead to an invalid object pointer being dereferenced. This can be exploited to execute arbitrary code, when the user is tricked into clicking on a specially crafted BitTorrent file and then removes it via a right-click from the download pane.
The vulnerability is reported in version 9.21 on Windows. Other versions may also be affected.
Do you have this product installed on your home computer? Scan using the free Personal Software Inspector. Check if a vulnerable version is installed on computers in your corporate network, using the Network Software Inspector.
Solution:
Update to version 9.22.
Provided and/or discovered by:
Discovered by enhalos and reported via iDefense Labs.
Changelog:
2007-07-27: Added CVE reference.
Original Advisory:
Opera:
http://www.opera.com/docs/changelogs/windows/922/
iDefense:
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=564
|
|
|
|
|
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.
Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
|
|
|
|
15 Related Secunia Security Advisories, displaying 10
|
|
|
1. Opera for Windows Unspecified Code Execution
|
|
2. Opera Canvas Functions Information Disclosure
|
|
3. Opera Multiple Vulnerabilities
|
|
4. Opera Multiple Vulnerabilities
|
|
5. Opera Multiple Vulnerabilities
|
|
6. Opera Multiple Vulnerabilities
|
|
7. Opera Multiple Vulnerabilities
|
|
8. Opera JavaScript Invalid Pointer Vulnerability
|
|
9. Opera "data:" URI Scheme Address Bar Spoofing Vulnerability
|
|
10. Opera Torrent File Handling Buffer Overflow Vulnerability
|
Show all related advisories
|
|
|
Send Feedback to Secunia
|
|
If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com.
Ideas, suggestions, and other feedback are most welcome.
|
|
|
|
