On MovieTome: The 10 worst movies of 2009 so far!

BNET Business Network:: BNET; TechRepublic; ZDNet

Zero Day

Ryan Naraine and Dancho Danchev

Get Zero Day via:: Mobile; RSS; Email Alerts
Bios:: Ryan’s Bio; Dancho’s Bio

May 21st, 2007

Opera sings code execution blues

Posted by Ryan Naraine @ 9:36 am

Categories: Botnets, Browsers, Data theft, Digital rights management, Exploit code, Passwords, Patch Watch, Pen testing, Piracy, Responsible disclosure, Rootkits, Spam and Phishing, Spyware and Adware, Viruses and Worms, Vulnerability research

Tags: Opera Software, Microsoft Windows, Ryan Naraine

Opera has released a “highly critical” update to plug a nasty code execution hole affecting Windows users.

The vulnerability, confirmed in all Opera versions prior to 9.21 for Windows, is caused due to an error in the handling of torrent files, according to an advisory issued by the Norwegian software company.

The flaw can be exploited to cause a buffer overflow when a user right-clicks a malicious torrent entry in the transfer manager.

“Successful exploitation allows execution of arbitrary code,” Opera warned, urging all Windows users to immediately update to version 9.21.

Secunia rates the bug as “highly critical” but notes that simply clicking on the dirty torrent link will not trigger the vulnerability.

Ryan Naraine is a journalist and security evangelist at Kaspersky Lab. He manages Threatpost.com, a security news portal. Here is Ryan's full profile and disclosure of his industry affiliations.

Email Ryan Naraine

For daily updates on Ryan's activities, follow him on Twitter.

Subscribe to Zero Day via Email alerts or RSS.

Talkback
Most Recent of 1 Talkback(s)

Thye have release an updated Linux version as well deaf_e_kate | 05/21/07

What do you think?

SponsoredWhite Papers, Webcasts, and Downloads

Building the Virtualized Enterprise with VMware Iinfrastructure VMware VMware virtualization software has been adopted by over 120,000 enterprise ... Download Now
VMware Infrastructure: A Guide to Bottom-Line Benefits VMware Frustrated by the costs of maintain ever larger data centers?or building ... Download Now
Email Security and Archiving - Clearer in the Cloud Google The time is NOW for businesses and organizations of all sizes to implement ... Download Now

Recent Entries

Blogs From Our Sponsors

Top Rated

Facebook password-reset spam is Bredolab botnet attack+46 votes
Microsoft confirms 'detailed' Windows 7 exploit+43 votes
Thousands of web sites compromised, redirect to scareware+43 votes
Firefox hit by multiple drive-by download flaws+41 votes
Which antivirus is best at removing malware?+40 votes
iHacked: jailbroken iPhones compromised, $5 ransom demanded+32 votes
New LoroBot ransomware encrypts files, demands $100 for decryption+28 votes
Mac OS X mega patch covers 58 security vulnerabilities+26 votes

Premier Vendor Content Whitepapers, webcasts & resources from our Power Center Sponsors

Archives

Favorite Links

41

ZDNet Blogs

White Papers, Webcasts, and Downloads

The Impact of Virtualization Software on Operating Environments VMware Today's use of virtualization technology allows IT professionals to ... Download Now
VMware Infrastructure: A Guide to Bottom-Line Benefits VMware Frustrated by the costs of maintain ever larger data centers?or building ... Download Now
Email Security and Archiving - Clearer in the Cloud Google The time is NOW for businesses and organizations of all sizes to implement ... Download Now

Popular Sanity Saver Videos

Blogs

Product Reviews

Videos

White Papers and Webcasts

Downloads

More