Opera: buffer overflows in 7.11 and 7.20
Gentoo Linux Security Advisory
||GLSA 200311-02 / Opera
||November 19, 2003
||November 19, 2003: 01
||local / remote
All supported architectures
Buffer overflows exist in Opera 7.11 and 7.20 that can cause Opera to crash,
and can potentially overwrite arbitrary bytes on the heap leading to a
Opera is a multi-platform web browser.
The Opera browser can cause a buffer allocated on the heap to overflow under
certain HREFs when rendering HTML. The mail system is also deemed
vulnerable and an attacker can send an email containing a malformed HREF, or
plant the malicious HREF on a web site.
Certain HREFs can cause a buffer allocated on the heap to overflow when
rendering HTML which can allow arbitrary bytes on the heap to be overwritten
which can result in a system compromise.
There is no known workaround at this time.
Users are encouraged to perform an 'emerge sync' and upgrade the package
to the latest available version. Opera 7.22 is recommended as Opera 7.21 is
vulnerable to other security flaws. Specific steps to upgrade:
Code Listing 3.1: Resolution
# emerge sync
# emerge -pv '>=www-client/opera-7.22'
# emerge '>=www-client/opera-7.22'
# emerge clean