Opera bitten by ‘extremely severe’ browser bug
Submitted by srlinuxx on Thu, 10/09/2008 - 11:11.
Buried in the flurry of feature-related news surrounding the release of Opera 9.6 is the fact that the update fixes an “extremely severe” vulnerability that could expose Opera users to code execution attacks.
According to an Opera advisory, which is not mentioned anywhere in Opera’s giddy press release, there’s a patch out for an issue where specially crafted addresses could execute arbitrary code.
Here’s how Opera describes the vulnerability, which was discovered and reported by Matasano’s Chris Rohlf:
If a malicious page redirects Opera to a specially crafted address (URL), it can cause Opera to crash. Given sufficient address content, the crash could cause execution of code controlled by the attacking page.
Rohlf has more details on the Matasano Chargen blog:
Break browser to hack hdd is nothing new ? All porn sites do ?
Apparently, opera has no defeat of break(ascii code 02) to activate anti-crash codes, just like IE6.0. Adding Google toolbar should help or activate Taiwan bios virus protection on your hdd zero track write.
If any apps got crashed by receiving a break signal, then a cursor will allow a hacker(ctty in a webpage trailer codes) to access your hdd zero track to bury any attack codes to corrupt your computer system. The solution is reinstall your partition by fdisk and restore your partitions. Then reinstall your operating system.