In association with heise online

15 August 2007, 13:55

Opera fixes JavaScript vulnerability

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

The developers of the Opera Web browser have released the new Version 9.23 of the software. This eliminates a critical security vulnerability in the processing of crafted JavaScript, which an attacker can exploit to execute arbitrary code on computers running the browser. They detected the vulnerability with the help of the jsfunfuzz fuzzing tool released by the Mozilla foundation.

In a security advisory, the Opera developers discuss the critical JavaScript vulnerability, which can be exploited by a virtual function call on an invalid pointer which may refer to data transferred by the attacker. In addition, the developers have eliminated another four vulnerabilities in the processing of JavaScript that only cause the browser to crash.

The update also improves the stability of the speed dial function and eliminates problems when scrolling through web pages that can occur under Windows Vista when using certain types of Microsoft mice. Since the developers categorise the Opera release as a security update, users of the browser should quickly download and install the new version.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit