JavaScript Security Bug in Opera
A critical vulnerability has been discovered in the Opera Web browser.
The vulnerability, which has been assigned the CVE ID CVE-2007-4367 could be exploited by attackers to execute arbitrary malicious code. The bug, which has not yet been precisely specified, occurs on executing JavaScript code and can lead to a virtual function being called with an invalid pointer. An attacker would need to trick an Opera user into visiting a carefully crafted website to run the exploit.
Both security professionals Secunia and Opera regard the bug as highly critical. The vulnerability affects all older versions prior to 9.22 independently of the operating system platform. Opera users are advised to update to version 9.23 of Opera which was released yesterday. Besides the fix, the new version also includes stability enhancements. The browser is available from the Norwegian developer's website.
Tag Cloud
News
-
Heartbleed Bleeds On
According to a report, many potential victims of the Heartbleed attack have patched their systems, but few have cleaned up the crime scene to protect themselves from the effects of a previous intrusion.
-
Drone Brain Goes Open Source
DARPA and NICTA release the code for the ultra-secure microkernel system used in aerial drones.
-
Password Management Services Vulnerable to Attack
Should you trust an online service to store your online passwords?
-
New Raspberry Pi Adds Two USB Ports
New B+ board lets you build cool things without the complication of a powered USB hub.
-
Microsoft Grabs No-IP.com Domains
Redmond rushes in to root out alleged malware haven.
-
Firefox Steps into 3D
New initiative will bring futuristic virtual reality effects to the web surfing experience.
-
New Trojan Targets Online Banking
Dyreza malware launches a man-in-the-middle attack that compromises SSL.
-
HP Rolls Out Massive Cloud Network
New cloud combines worldwide access with local attention to data security.
-
New Attack Targets Wireless Logins
A first cousin of the recent Heartbleed attack affects EAP-based wireless and peer-to-peer authentication.
-
Geeks Petition for Free Lenovo BIOS
FOSS community acts to protect freedom of choice for laptop devices.