Multiple vulnerabilities have been identified in Opera, which could be exploited by attackers to bypass security restrictions, disclose sensitive information, cause a denial of service or compromise a vulnerable system.

The first issue is caused by a memory corruption error when processing a malformed JPEG image, which could be exploited to crash an affected browser or execute arbitrary code.

The second vulnerability is caused by an unspecified error related to plug-ins, which could be exploited to conduct cross domain scripting attacks.

The third issue is caused by an unspecified error.

Affected Products

Opera version 9.63 and prior

Solution

Upgrade to Opera version 9.64 :
http://www.opera.com/docs/changelogs/linux/964/

References

http://www.vupen.com/english/advisories/2009/0586
http://www.opera.com/docs/changelogs/linux/964/
http://www.opera.com/support/search/view/926/

In-depth Binary Analysis

Available in customer area as part of VUPEN Binary Analysis & Exploits Service and VUPEN Vulnerability Notification Service Ultimate Feed Edition.
 

Private Exploit or PoC

Available in customer area as part of VUPEN Binary Analysis & Exploits Service and VUPEN Vulnerability Notification Service Ultimate Feed Edition.
 

Credits

Vulnerabilities reported by Tavis Ormandy (Google Security Team), Adam Barth, and the vendor.

Changelog

2009-03-03 : Initial release

Feedback

If you have additional information or corrections for this security advisory please submit them via our contact form.