Release Date | Sep 02, 2010 |
Severity | medium |
Impact | Successful exploitation may allow execution of arbitrary code. |
Description | Opera Web Browser is a browser that runs on multiple operating systems. The application is prone to the following vulnerabilities:
[Opera KB 966] Performing some painting operations on a canvas while certain transformations are being applied in Opera may result in heap buffer overflows. In most cases Opera will just freeze or terminate, but in some cases this could lead to a crash which could be used to execute code. To inject code, additional techniques will have to be employed.
[Opera KB 967] Tabs may be used to obscure a download dialog that is visible in another tab. The dialog will allow the user to choose to run downloaded executables directly. If the tab is closed or hidden at the moment that a user was about to click, they can end up clicking on the buttons in the dialog, causing the downloaded file to be executed. Previous versions of Opera had a delay before the button would respond to counteract this possibility. A recent interface change caused this protection not to function correctly.
[Opera KB 968] When Opera is previewing a news feed, certain types of content do not have their scripts removed correctly. These scripts are able to subscribe the user to the feed without their consent. |
Affected Products | Opera versions prior to 10.61 |
Recommended Actions | Opera Software has released Opera 10.61, in which these issues have been fixed. Refer to vendor advisories Opera KB 966, Opera KB 967 and Opera KB 968 for additional details about these vulnerabilities. |
Coverage | IPS
VCM |
Common Vulnerabilities and Exposures (CVE) | CVE-2010-2576 |