
Opera browser vulnerability (buffer overflow)

A highly dangerous vulnerability has been discovered in Opera 10.x that allows a remote attacker to compromise the target system: either crash the browser or execute arbitrary code with the privileges of the user who launched Opera.

The vulnerability is a buffer overflow caused by an error in processing HTTP responses that contain a specially crafted Content-Length header. By sending an overly long Content-Length value, an attacker can trigger a heap (dynamic memory) overflow and, as a result, execute arbitrary code on the remote system with the user's privileges or crash the browser.
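As an added illustration (not Opera's code and not part of the original post), the following C function shows how an HTTP client can parse a Content-Length value defensively, so that an overlong or malformed value is rejected before it is ever used as a size. The 2 GiB limit `CL_MAX_BODY`, the status names and the sample values are assumptions chosen for this example.

```c
#include <stdint.h>
#include <stdio.h>

enum cl_status { CL_OK = 0, CL_EMPTY, CL_NOT_NUMERIC, CL_TOO_LARGE };

/* Largest body this client agrees to handle (assumed policy value). */
#define CL_MAX_BODY ((uint64_t)1 << 31)

/*
 * Parse the text after "Content-Length:". Only ASCII digits with optional
 * surrounding spaces/tabs are accepted. The overflow check runs before each
 * multiply/add, so a value with dozens of digits is rejected instead of
 * wrapping around to a small number.
 */
enum cl_status parse_content_length(const char *value, uint64_t *out)
{
    const char *p = value;
    uint64_t n = 0;
    int seen_digit = 0;

    while (*p == ' ' || *p == '\t') p++;
    for (; *p >= '0' && *p <= '9'; p++) {
        unsigned d = (unsigned)(*p - '0');
        if (n > (UINT64_MAX - d) / 10)      /* n * 10 + d would overflow */
            return CL_TOO_LARGE;
        n = n * 10 + d;
        seen_digit = 1;
    }
    while (*p == ' ' || *p == '\t') p++;

    if (!seen_digit && *p == '\0') return CL_EMPTY;
    if (!seen_digit || *p != '\0') return CL_NOT_NUMERIC; /* sign, hex, junk */
    if (n > CL_MAX_BODY) return CL_TOO_LARGE;
    *out = n;
    return CL_OK;
}

int main(void)
{
    /* Constructed sample header values. */
    const char *samples[] = { "1024", "-1", "99999999999999999999999999" };
    for (int i = 0; i < 3; i++) {
        uint64_t len = 0;
        enum cl_status st = parse_content_length(samples[i], &len);
        printf("%-28s status=%d len=%llu\n", samples[i], (int)st,
               (unsigned long long)len);
    }
    return 0;
}
```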

There is currently no fix for this flaw. The recommendation is either not to visit unfamiliar sites with Opera 10.x, or to visit them only while running the browser with reduced privileges.

A working exploit is publicly available online, so be careful and warn your friends and acquaintances!
Source - Opera 10.x Content-Length Buffer Overflow PoC

Source: https://habr.com/ru/post/86624/

