Opera *nixed by security bug
Patch issued, world peace secured
Opera users on *nix platforms are been urged to update their browser software following the discovery of a security flaw that creates a means for hackers to compromise vulnerable systems.
The vulnerability stems from a security flaw in a shell script used by Opera to safely parse shell commands. That means Opera on Unix might execute a command line embedded in a URL. Exploitation would involve tricking users of applications that uses Opera as the default browser (e.g. the mail client Evolution on Red Hat Enterprise Linux 4) into following a malicious link. The vulnerability can only be exploited on Unix / Linux based environments, according to security notification firm Secunia.
The vulnerability has been confirmed in version 8.5 on Red Hat Enterprise Linux 4. Other versions and platforms may also be affected. Users are urged to update to version 8.51 to defend against attack. Opera's advisory can be found here. ®