Critical browser vulnerabilities over the weekend

On the weekend, two exploits using critical vulnerabilities for the Internet: IE 6.x / 7.x and Opera. Under the cut examples and solutions

1) IE 6.x / 7.x

Vulnerability allows when you visit a specially crafted web page to cause an application to crash and execute arbitrary program code.

Exploit will crash IE (6/7)
')
Remedy: not available at the moment, or install the latest version of IE 8

2) Opera

In Opere 10.01, due to incorrect memory allocation for floating point numbers, a specially crafted webpage can cause memory corruption and the execution of arbitrary program code in the context of a running application.

Exploit (assigning a variable a number with a very long decimal part) ( link )


(This is not HTML, but PHP code) causes a crash for versions 10.01 (the latest available at the moment), perhaps earlier.

Solution: the vulnerability is fixed in Opera 10.10 Release Candidate 3, the final version is expected from the manufacturer Opera SoftWare in the near future

So be on the alert and always use only the latest software versions (especially browsers)

UPD .:
Opera 10.10 released, can be updated