Opera update plugs heap big buffer overflow bug
Major upgrade features baked-in web server tech
Posted in Enterprise Security, 24th November 2009 10:44 GMT
Free whitepaper – Assuring application service quality
Opera has fixed three potentially nasty security vulnerabilities with the release of a major new version of its web browser software.
A heap buffer overflow bug involving the string to number conversion technology in previous versions of Opera created a means to inject hostile code onto vulnerable systems. Opera version 10.10 plugs this hole, along with an problem with error messages that posed an information leakage risk. The update also addresses a "moderate" security issue discovered by Google, details on which are being withheld. More on these bugs in a security advisory from Secunia here.
The release of Opera version 10.10 on Monday marked the debut of Opera Unite, a web server technology that now comes baked into Opera's browser software. The technology allows users to stream music or share files, such as photos, directly from their browser.
The update also addresses a large number of minor stability and performance glitches, as explained in Opera's release notes here. ®
The Register Webcast - Desktop Support : The Hub of IT
The Register Guide to managing spam
The Register Green Computing Report
Secure Mobile Working
Risk and Resilience
