Opera security patch



I saw this earlier today, but had thought it was an issue already covered (just before Thanksgiving there was an opera security update I think.) Anyway… Secunia has an advisory on a security vulnerability in the Opera Web browser. Users are encouraged to upgrade to v. 8.51. The SecurityFix has the story. Download link here http://www.opera.com/download/


This is a critical vulnerability, it has been confirmed in Opera 8.01… basically the flaw is with the way Opera deals with mouse clicks in a new window. A user could be tricked into clicking the open button in a file download box instead of the save or cancel.

From Secunia…

Secunia Research has discovered a vulnerability in Opera, which can be exploited by malicious people to trick users into downloading and executing arbitrary programs on a user’s system.

A design error in the processing of mouse clicks in new browser windows and the predictability of the position of the “File Download” dialog box can be exploited to trick the user into clicking on the “Run” button of the dialog box. This is exploited by first causing a “File Download” dialog box to be displayed underneath a new browser window, and then tricking the user into double-clicking within a specific area in the new window. This will result in an unintended click of the “Open” button in the hidden “File Download” dialog box.

Related Posts

Blog Traffic Exchange Related Posts
  • Make an autorun cd show a web document on autoplay... There's a utility called Thumbs that looks like a good quick way to make a cd launch a web documented on autoplay in Windows 95/98/ME/NT/2000/XP/ ...Of course, autoplay under windows is fairly easy to setup. If you have a program on the disk you can just have autorun.inf in the......
  • WMF exploit through indexing software One of the vectors that has been mentioned early on is the infection of a system through the WMF exploit even when the exploited file was downloaded through a dos command shell. At first this seemed absurd, but it appeared that Google Desktop search was indexing files dynamically and once......
  • Ubuntu 9.04 Jaunty Netbook Remix on an Acer Aspire One ZG5 trackpad issues Recently I had the opportunity to work on an Acer Aspire One netbook. It's rare that I get the chance to work on a linux desktop system for a client. Most of my desktop users that I support run Windows (although I primarily run linux on my machines.) I get......
Blog Traffic Exchange Related Websites
  • Reg Sweep RegSweep is the latest in PC error diagnostic and repair. RegSweep can do a complete scan of your entire file system and registry in under 2 minutes! All corrupt files, paths, and registry keys will be analyzed and automatically repaired so that your PC functions just as when you first......
  • Protecting Yourself On The Internet Since its beginning in 1990 the online market place has revolutionised the way the world shares info. Unfortunately, it in addition has opened up a whole new world with bad people doing bad things. Illegal material hasn't been so easily available Big Dog Formula to tempt probably the most innocent......
  • Make Free Phone Calls with Google Voice, Gizmo, and Orgasmatron V: Google Voice Edition Earlier this year, I had posted a hack for making free phone calls with Google Voice, Gizmo, and Asterisk. Since then, Google closed the door on inbound SIP calls and thus the hack no longer works. Fortunately a new possibility has emerged that makes it possible once again. Nerd Vittles......
PDF24    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site