GLSA
Advocate
Joined: 12 May 2004
Posts: 2663
|
 Posted: Fri Jan 12, 2007 10:26 pm Post subject: [ GLSA 200701-08 ] Opera: Two remote code execution vulnerab |
 |
|
Gentoo Linux Security Advisory
Title: Opera: Two remote code execution vulnerabilities (GLSA 200701-08)
Severity: normal
Exploitable: remote
Date: January 12, 2007
Bug(s): #160369
ID: 200701-08
Synopsis
Two vulnerabilities may allow the execution of arbitrary code.
Background
Opera is a multi-platform web browser.
Affected Packages
Package: www-client/opera
Vulnerable: < 9.10
Unaffected: >= 9.10
Architectures: All supported architectures
Description
Christoph Deal discovered that JPEG files with a specially crafted DHT marker can be exploited to cause a heap overflow. Furthermore, an anonymous person discovered that Opera does not correctly handle objects passed to the "createSVGTransformFromMatrix()" function.
Impact
An attacker could potentially exploit the vulnerabilities to execute arbitrary code with the privileges of the user running Opera by enticing a victim to open a specially crafted JPEG file or a website containing malicious JavaScript code.
Workaround
The vendor recommends disabling JavaScript to avoid the "createSVGTransformFromMatrix" vulnerability. There is no known workaround for the other vulnerability.
Resolution
All Opera users should update to the latest version: | Code: | # emerge --sync
# emerge --ask --oneshot --verbose ">=www-client/opera-9.10" |
References
Opera Advisory (createSVGTransformFromMatrix)
Opera Advisory (JPEG)
CVE-2007-0126
CVE-2007-0127 |
|
News & Announcements
