Three days after its wide release on June 21, a serious security vulnerability in Opera 9 has been disclosed that could be exploited. Users are advised to update to a temporary patch.
This vulnerability arises from the memory management portion of the application when it processes an HTML document containing malicious code. If the HREF (Hypertext Reference) tag is designed with an excessively long length, attackers can exploit this to create a Denial of Service (DoS) attack state. During this time, if a user loads an HTML document containing the malicious HREF tag, the browser will become completely unresponsive. Opera 9.0 is the only version affected by this vulnerability.
While Opera 9.0 was still in its beta versions, another security flaw related to a buffer overflow was also disclosed.
SNOW WHITE
