|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
VigilantMinds Advisory: Opera JPEG Processing Integer Overflow Vulnerability (VMSA-20060621-01)
From: VigilantMinds Advisories (advisories
vigilantminds.com)
Date: Thu Jun 22 2006 - 09:10:44 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Opera JPEG Processing Integer Overflow Vulnerability (VMSA-20060621-01)
Summary:
An integer overflow vulnerability exists in the Opera Web Browser due to
the improper handling of JPEG files.
Impact:
Remote Code Execution
Affected Versions:
Opera 8.54 and Earlier
Details:
If excessively large height and width values are specified in certain
fields of a JPEG file, an integer overflow may cause Opera to allocate
insufficient memory for the image. This will lead to a buffer overflow
when the image is loaded into memory, which can be exploited to execute
arbitrary code.
Recommended Actions:
It is recommended that users upgrade to Opera 9.00, which addresses this
vulnerability. Additionally, users should exercise caution while
accessing the web, and should do so from accounts with limited
privileges.
Timeline:
Reported: 4/25/2006
Fixed: 6/20/2006
Credit:
Chris Ries
References:
Opera Website: http://www.opera.com
VigilantMinds Website: http://www.vigilantminds.com
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]