Opera has released a new version of their web browser. Among earlier reported buffer overflow vulnerability another security issue has been fixed too.
Highly severe:
Large values in the HTTP Content-Length header can cause Opera to crash. Certain specific values can cause a memory corruption, which in some cases can allow arbitrary code to be injected and executed. In most cases Opera will just crash. To inject code, additional techniques will have to be employed.
Highly severe:
XSLT is normally subject to strict controls, preventing documents from separate Web sites from reading the contents of other sites. Certain XSLT constructs can cause Opera to retrieve the wrong contents for the resulting document. These contents will appear randomly from the cached versions of any Web page that has previously been visited, and could contain sensitive information. This information can then be read by the resulting document.
Opera users are strongly recommended to update to 10.51 version. New version can be downloaded here.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment