FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

opera -- execution of arbitrary code

Affected packages
linux-opera < 12.11
linux-opera-devel < 12.11
opera < 12.11
opera-devel < 12.11

Details

VuXML ID 0925716f-34e2-11e2-aa75-003067c2616f
Discovery 2012-11-19
Entry 2012-11-22

Opera reports:

When requesting pages using HTTP, Opera temporarily stores the response in a buffer. In some cases, Opera may incorrectly allocate too little space for a buffer, and may then store too much of the response in that buffer. This causes a buffer overflow, which in turn can lead to a memory corruption and crash. It is possible to use this crash to execute the overflowing data as code, which may be controlled by an attacking site.

References

URL http://www.opera.com/support/kb/view/1036/