JavaScript Security Bug in Opera
A critical vulnerability has been discovered in the Opera Web browser.
The vulnerability, which has been assigned the CVE ID CVE-2007-4367 could be exploited by attackers to execute arbitrary malicious code. The bug, which has not yet been precisely specified, occurs on executing JavaScript code and can lead to a virtual function being called with an invalid pointer. An attacker would need to trick an Opera user into visiting a carefully crafted website to run the exploit.
Both security professionals Secunia and Opera regard the bug as highly critical. The vulnerability affects all older versions prior to 9.22 independently of the operating system platform. Opera users are advised to update to version 9.23 of Opera which was released yesterday. Besides the fix, the new version also includes stability enhancements. The browser is available from the Norwegian developer's website.
Issue 199/2017
Buy this issue as a PDF
News
-
Red Hat Announces OpenShift.io
Red Hat takes its IDE online.
-
Microsoft Bakes Linux into Windows Server
Microsoft is slowly becoming a Linux vendor.
-
Fearless Coyote, Linux Kernel 4.11 is Out
The new kernel makes swap implementation more scalable, which will help cloud providers.
-
Docker Appoints Steve Singh CEO
The new CEO comes from a very strong SaaS background.
-
Docker Announces Linux Kit and Moby Project
Both projects help organizations build their own containerized systems.
-
Ubuntu Returns to Gnome as Its Mobile Plans Shatter
Mark Shuttleworth has resumed the position of CEO of Canonical.
-
Microsoft is Shutting Down CodePlex
Microsoft's open source code hosting platform CodePlex will come to an end after a more than 10-year stint.
-
Fedora 26 Alpha Released
Comes with Gnome 3.24
-
Old Linux Kernel Bug Discovered
The bug was introduced back in 2009 and has been lurking around all this time.
-
OpenSSH 7.5 Released
The new release deprecates the sshd_config UsePrivilegeSeparation option.