Home > Desktop, Security > New Opera 9 'exploit' un-exploitable, according to Opera

New Opera 9 'exploit' un-exploitable, according to Opera

June 23, 2006

It didn’t take long for a public ‘exploit’ of the new browser, Opera 9, to be made public.

The exploit, or rather a proof of concept, was discovered by researcher Povilas Tumėnas, and posted online the day after Opera 9 was released. According to the researcher the ‘exploit’ can be used to create an out-of-bounds memory access.

I’ve seen and tested this ‘exploit’. The browser crashes when a page containing the ‘exploit’ is loaded.

Opera has already analyzed it, an Opera official told Opera Watch. “It is absolutely un-exploitable.”

“The reporters didn’t bother contacting us first to discuss it (which is standard practice for security researchers) or we could have informed them that Opera crashes reading memory, not writing, and thus it’s guaranteed to be a harmless crash.”

This problem still exists with the new Opera 9.01 weekly build that was released today. I’ve been told that it will be fixed in an upcoming browser update.

Categories: Desktop, Security
  1. June 23, 2006 at 11:32 am

    Its not so dangerous, but still i’d like it ot be fixed.

    Good job Lithuanian hackers, keep searching for bugs in Opera.

  2. June 23, 2006 at 11:40 am

    Good job Lithuanian hackers, keep searching for bugs in Opera.

    But do it the right way. Inform Opera of the exploit before making it public.

    Opera will still give you the credit with finding the exploit, you just need to give them a bit of time to fix it (if it’s in fact a real exploit).

  3. June 23, 2006 at 11:55 am

    I’ll try to contact them and let them know.

  4. Jakub81
    June 23, 2006 at 2:26 pm

    Bad job lame Lithuanian hackers, you should have inform Opera about it first, not wait until 9.0 release to get a bit of publicity.

  5. June 24, 2006 at 3:40 am

    Well they only found this when 9 was released, it doesn’t affect previous versions. 8.54 is safe

  6. Amen
    June 27, 2006 at 2:22 pm

    An update to Opera just a week after the v.9 release? Well, it’s a good thing, if the update is better than the previous version. It’s a bad thing only if you think marketing is all about full and round numbers…

  7. mac
    July 24, 2006 at 5:41 am

    It is absolutely un-exploitable.Opera has brought a new change for itself.Bheeeee

  1. No trackbacks yet.
Comments are closed.
%d bloggers like this: