In association with heise online

11 May 2012, 12:43

Opera 11.64 closes critical code execution hole

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Opera logo Version 11.64 of the Opera web browser has been released, closing a critical hole that could have been exploited by attackers to inject malicious code into a victim's system. According to the company, some undisclosed formulations of URLs caused the browser to allocate the incorrect amount of memory for storing the address. When the program attempted to store the address, unrelated memory could have been overwritten with an attacker's data, resulting in a crash and the execution of arbitrary code.

Non-security-related fixes include correcting an issue that prevented some secure pages, such as PayPal and eBay, from loading, and problems when using the AMD loader from the Dojo Toolkit. A full list of the fixes and improvements in the update can be found in the Windows, Mac and UNIX change logs. Version 11.64 of Opera is available to download for Windows, Mac OS X, Linux, FreeBSD and Solaris.

See also:

(crve)

Print Version | Send by email | Permalink: http://h-online.com/-1573877
 


  • July's Community Calendar





The H Open

The H Security

The H Developer

The H Internet Toolkit