Opera security patch



I saw this earlier today, but had thought it was an issue already covered (just before Thanksgiving there was an opera security update I think.) Anyway… Secunia has an advisory on a security vulnerability in the Opera Web browser. Users are encouraged to upgrade to v. 8.51. The SecurityFix has the story. Download link here http://www.opera.com/download/


This is a critical vulnerability, it has been confirmed in Opera 8.01… basically the flaw is with the way Opera deals with mouse clicks in a new window. A user could be tricked into clicking the open button in a file download box instead of the save or cancel.

From Secunia…

Secunia Research has discovered a vulnerability in Opera, which can be exploited by malicious people to trick users into downloading and executing arbitrary programs on a user’s system.

A design error in the processing of mouse clicks in new browser windows and the predictability of the position of the “File Download” dialog box can be exploited to trick the user into clicking on the “Run” button of the dialog box. This is exploited by first causing a “File Download” dialog box to be displayed underneath a new browser window, and then tricking the user into double-clicking within a specific area in the new window. This will result in an unintended click of the “Open” button in the hidden “File Download” dialog box.

Related Posts

Blog Traffic Exchange Related Posts
  • Microsoft August Updates Incidents.org has an initial list of the updates today from Microsoft, there is also a brief from Microsoft on the updates. It appears as though one is Powerpoint specific, another is Office releated, one is tagged as an Internet Explorer update and the rest Windows. More details later in the......
  • Ubuntu 9.04 Jaunty Netbook Remix on an Acer Aspire One ZG5 trackpad issues Recently I had the opportunity to work on an Acer Aspire One netbook. It's rare that I get the chance to work on a linux desktop system for a client. Most of my desktop users that I support run Windows (although I primarily run linux on my machines.) I get......
  • Lack of working exploit does not mean Windows 98 is safe I want to try to clarify a point. I've spent a couple days trying to get current exploits to work on a Windows 98 SE virtual machine. Not to prove that Windows 98 is safe, but to determine if current exploits affect Windows 98. Yesterday evening there were apocalyptic headlines......
Blog Traffic Exchange Related Websites
  • Important Information About Security and Surveillance Systems If you notice yourself at the time where you need to locate an unfailing and efficient security and surveillance system for your residence or business then you should be prepared to feel weighed down. The diverse technologies, quantity of brands available on the market, furthermore the mystifying selection of aspects......
  • Reg Sweep RegSweep is the latest in PC error diagnostic and repair. RegSweep can do a complete scan of your entire file system and registry in under 2 minutes! All corrupt files, paths, and registry keys will be analyzed and automatically repaired so that your PC functions just as when you first......
  • Make Free Phone Calls with Google Voice, Gizmo, and Orgasmatron V: Google Voice Edition Earlier this year, I had posted a hack for making free phone calls with Google Voice, Gizmo, and Asterisk. Since then, Google closed the door on inbound SIP calls and thus the hack no longer works. Fortunately a new possibility has emerged that makes it possible once again. Nerd Vittles......
PDF24    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site