Newsletter Sign-Up

Receive the latest technology news and information.

Opera patches two browser security flaws

It has released an upgrade that addresses the vulnerabilities

By Matthew Broersma

November 25, 2005 12:00 PM ET

TechWorld.com - Opera Software ASA has released an upgrade addressing two serious security flaws involving Macromedia Inc.'s Flash Player and a code execution bug affecting Linux and Unix users.

The first problem relates to Flash Player and was made public earlier this month. Macromedia warned that the bug in Flash Player, a widely used piece of desktop software, could allow attackers to take over a system.

The security research firm co-credited with discovering the bug, eEye Digital Security, said it had demonstrated "reliable exploitation" using the bug in the Internet Explorer browser, but other browsers are also said to be just as open to attack.

Opera's fix arrived this week with Opera 8.5.1, which includes Flash Player Version 7r61.

The release also fixes a problem identified by Secunia Research, involving the shell script used to launch Opera in Linux and Unix environments. The flawed script processes shell commands enclosed in URLs passed to Opera via the command line.

That means an attacker could execute malicious shell commands on a user's system via an innocent-seeming URL in an e-mail message, for example. The command would be executed when the user clicked on the URL and invoked Opera.

The shell script bug doesn't just affect Opera -- it is a variant of a problem with the Firefox browser disclosed in September.

Opera said the update also improves stability when viewing pages with Java for users of Japanese Mac OS X systems.

Reprinted with permission from

Recommend Digg Twitter ShareThis

Email Print Send Feedback Reprints

Jump to comments

Viruses

Additional Resources

Xerox

Win a color printer!

By using solid ink technology only from Xerox, you could save up to 65% by printing color for the cost of black and white. Enter for a chance to WIN a PhaserTM 8860 network color printer!

Microsoft

Upgrade to Internet Explorer 8 today.

Save time and mitigate security risk. Deploy it now.

Sybase

NEXT-GENERATION MOBILITY PLATFORMS

In this white paper, IDC analyzes the role of next-generation mobile enterprise platforms as organizations seek a more strategic deployment of mobile solutions.

Learn the important issues you must consider before starting your next mobility initiative. Get your mobility white paper from IDC now, compliments of Sybase.

White Papers & Webcasts

Share our Strength
Download Now

Extending Client Refresh - 11 Steps to Maximize Savings
Register Now!

Can Heuristic Technology Help Your Company Fight Viruses?
What is Heuristic Technology and how can it help safeguard your business against viruses? Learn more.

Lower the Cost and Complexity of a Mobile Workforce through Automation
Download This Resource Now!

Eradicate Spam & Gain 100% Asurance of Clean Mailboxes
Get this paper now!

Managing Mobility: Improve Data Security, Compliance and Manageability
Download This Resource Now!

Mastering eDiscovery: The IT Manager's Guide to Preservation, Protection & Production
Get this paper now!

Consolidate Your Servers and Storage to Lower Costs with Oracle Database 11g
Register for this webcast!

Not Just Words: Enforce Your Email and Web Acceptable Usage Policies
Get this paper now!

The Commercialization of ITIL: Lessons Learned
Register for this event today!

All White Papers | All Webcasts

Computerworld Reports

8 Questions To Ask About Your Intrusion-Security Solution

Computerworld Technology Briefings IT Service Management

Computerworld Briefing - Analytics: The Art and Science of Better

All Computerworld Reports

	Security
	Virus and Vulnerability Roundup
	Computerworld Daily News (First Look and Wrap-Up)
	Computerworld Blogs Newsletter
	The Weekly Top 10
	Cloud Computing

resource center