Opera security patch



I saw this earlier today, but had thought it was an issue already covered (just before Thanksgiving there was an opera security update I think.) Anyway… Secunia has an advisory on a security vulnerability in the Opera Web browser. Users are encouraged to upgrade to v. 8.51. The SecurityFix has the story. Download link here http://www.opera.com/download/


This is a critical vulnerability, it has been confirmed in Opera 8.01… basically the flaw is with the way Opera deals with mouse clicks in a new window. A user could be tricked into clicking the open button in a file download box instead of the save or cancel.

From Secunia…

Secunia Research has discovered a vulnerability in Opera, which can be exploited by malicious people to trick users into downloading and executing arbitrary programs on a user’s system.

A design error in the processing of mouse clicks in new browser windows and the predictability of the position of the “File Download” dialog box can be exploited to trick the user into clicking on the “Run” button of the dialog box. This is exploited by first causing a “File Download” dialog box to be displayed underneath a new browser window, and then tricking the user into double-clicking within a specific area in the new window. This will result in an unintended click of the “Open” button in the hidden “File Download” dialog box.

Related Posts

Blog Traffic Exchange Related Posts
  • Sleuthkit - windows and linux file recovery http://www.sleuthkit.org/ Sluethkit... is a collection of tools for forensic analysis of a system. Usually it's something that would be done when you've had a suspected rootkit on the system and you boot to another operating system with sluethkit installed (maybe livecd/etc.) and want to try to analyze and hunt for......
  • Make an autorun cd show a web document on autoplay... There's a utility called Thumbs that looks like a good quick way to make a cd launch a web documented on autoplay in Windows 95/98/ME/NT/2000/XP/ ...Of course, autoplay under windows is fairly easy to setup. If you have a program on the disk you can just have autorun.inf in the......
  • Network Security guide for the home or small business network - Part 14 - Alternative software There are ways that risks can be avoided. Recently, there was what was called a zero-day exploit for Internet Explorer. As I write this, the exploit surfaced 3 weeks ago and tomorrow there will be a patch. The vulnerability would allow remote code execution through a vulnerability in the way......
Blog Traffic Exchange Related Websites
  • Microsoft to let PC users turn off IE A single check box deep in the guts of the next version of Windows is giving Microsoft Corp. watchers a peek at how the software maker plans to keep European antitrust regulators from marring a crucial software¬†launch. Windows 7, the successor to the much-maligned Vista, isn't expected to reach consumers......
  • Microsoft to Improve User Access Control in Windows 7 I was just reading a Slashdot article about Microsoft improving User Access Control (UAC) in Windows 7. In the cited PC Pro article, Microsoft engineer Ben Fathi says: We've heard loud and clear that you are frustrated. You find the prompts too frequent, annoying, and confusing. We still want to......
  • Make Free Phone Calls with Google Voice, Gizmo, and Orgasmatron V: Google Voice Edition Earlier this year, I had posted a hack for making free phone calls with Google Voice, Gizmo, and Asterisk. Since then, Google closed the door on inbound SIP calls and thus the hack no longer works. Fortunately a new possibility has emerged that makes it possible once again. Nerd Vittles......
www.pdf24.org    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site