View Full Version : Opera Update news

25-10-2003, 01:13 PM
Hello Opera users

There is an update for you:

Opera update fixes critical remotely exploitable heap overflow

Opera Software has released an update to its popular cross-platform web browser that, among other things, fixes a critical security problem. Researchers at @stake have reported that at least versions 7.11 and 7.20 of the Opera browser are vulnerable to an exploitable heap overflow due to the browser's improper handling of malformed URLs in 'href' link parameters. The problem revolves around URLs containing large numbers of HTML 'character escape' codes (the percentage sign).

Opera users on all platforms should update to version 7.21 (or later if
available), which fixes this problem.

Opera HREF Escaped Server Name Overflow - atstake.com (http://s0.tx.co.nz/at/tep34i36354a4j16457c292424s4t9n881431f1z)

Opera download page - opera.com (http://s0.tx.co.nz/at/tep34i36330a4j16457c292424s4t9n881431f1z)