Technical Description

Multiple vulnerabilities were identified in Opera, which could be exploited by attackers to execute arbitrary commands.

The first issue is due to a memory corruption error in Macromedia Flash Player, a third party application redistributed with Opera, which could be exploited by remote attackers to compromise a vulnerable system by convincing a user to visit a specially crafted Web page or open a malicious Flash file. For additional information, see : VUPEN/ADV-2005-2317

The second vulnerability is due to an error where the shell script used in Unix / Linux based environments to launch Opera parses shell commands enclosed within backticks in the URL provided via the command line, which could be exploited by remote attackers to compromise a vulnerable system by convincing a user to follow a malicious link in an external program (e.g. Thunderbird or Evolution). This issue is similar to VUPEN/ADV-2005-1794

Affected Products

Opera version 8.50 and prior

Solution

Upgrade to Opera version 8.51 :
http://www.opera.com/download/

References

http://www.vupen.com/english/advisories/2005/2519
http://www.opera.com/docs/changelogs/windows/851/
http://www.opera.com/docs/changelogs/linux/851/
http://secunia.com/secunia_research/2005-57/advisory/

Credits

Vulnerabilities reported by eEye Digital Security, Sec Consult, Peter Zelezny and Jakob Balle.

ChangeLog

2005-11-22 : Initial release

Vulnerability Management

Subscribe to VUPEN VNS and receive real-time alerts when new advisories or patches relevant to your systems and network configurations are available.

Feedback

If you have additional information or corrections for this security advisory please submit them via our contact form.