Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years.

Thanks,

CNET Support

General discussion

Opera Browser Skin File Handlig Vulnerabilities

by Marianna Schmudlach Nov 22, 2003 1:08AM PST

Secunia Advisory: SA10277
Release Date: 2003-11-22


Critical: Highly critical
Impact: System access

Where: From remote



Software: Opera 7.x




Description:
Two vulnerabilities have been identified in the Opera browser, which potentially can be exploited by malicious people to compromise a user's system.

1) A boundary error in the zip processing when handling skin files can be exploited to cause a buffer overflow. This may allow execution of arbitrary code on a user's system, if the user is tricked into visiting a malicious website.

This issue affects both Linux and Windows systems.

2) An input validation error when handling skin files can be exploited to place a malicious file in an arbitrary directory on a user's system. This can be done via a directory traversal attack where the URL encoded representation of backslashes is used ("%5C").

Example:
http://[malicious_server]/..%5c..%5c..%5c..%5cskin.zip

Successful exploitation requires that the user is tricked into visiting a malicious website. Only Windows platforms are affected by this issue.

Both vulnerabilities affect version 7.22 and prior.


Solution:
Update to version 7.23.
http://www.opera.com/download/

http://www.secunia.com/advisories/10277/

Discussion is locked

Back to Spyware, Viruses, & Security forum

CNET Forums

Operating Systems
Software
Electronics & Gadgets
Hardware
Tablets & Mobile Devices
General Help
Brand Forums
Roadshow Autos
Off Topic

Other Forums

Forum Info