GreyMagic sings about Opera flaw

Article

GreyMagic sings about Opera flaw

Shawna McAlearney, News Writer

Users of Opera 7.53 and prior need to upgrade to fix a "severe" security vulnerability in the Web browser that could allow read-access to victim's files and folders, cookie theft and URL spoofing (phishing). The flaw could also be used to track a user's browsing history and affects Opera running on Windows, Linux and Macintosh systems.

"This vulnerability in Opera is extremely severe, especially since it's a variation of a vulnerability we have reported over a year and a half ago," said Lee Dagon, head of research and development at Israel-based GreyMagic Software, which discovered the flaw. "Unfortunately, it wasn't fully patched and we can only hope that this time the patch will perform better and surround all potentially vulnerable objects."

In an e-mail interview, Dagon said it was "shockingly easy" to explore and steal information from users' hard drives with this vulnerability.

"The vulnerability is a new variant of an older vulnerability GreyMagic detected in February last year. This time the 'location' object isn't sufficiently protected from malicious attacks," Dagon said.

The February advisory described several flaws in Opera's model, one of which allowed an attacker to overwrite native and custom functions in a window. When the Web page executed the function, the attacker's code executed with the victim's privileges.

Opera version 7.01 tried to fix the problem by blocking write-access to objects on the victim window, but failed to block write-access

    Requires Free Membership to View

    Login

    SearchSecurity.com members gain immediate and unlimited access to breaking industry news, virus alerts, new hacker threats, highly focused security newsletters, and more -- all at no cost. Join me on SearchSecurity.com today!

    Michael S. Mimoso, Editorial Director

    By submitting your registration information to SearchSecurity.com you agree to receive email communications from TechTarget and TechTarget partners. We encourage you to read our Privacy Policy which contains important disclosures about how we collect and use your registration and other information. If you reside outside of the United States, by submitting this registration information you consent to having your personal data transferred to and processed in the United States. Your use of SearchSecurity.com is governed by our Terms of Use. You may contact us at webmaster@TechTarget.com.

to the often-used "location" object, Dagon said. "By overwriting methods in this object, an attacker can gain immediate script access to any Web page that uses one of these methods. This includes both Web pages in foreign domains and the victim's local file system."

GreyMagic informed Opera of the vulnerability on July 22. Opera version 7.54 was released on Aug. 5 to address the flaw.

Opera is the third most popular browser after Internet Explorer and Mozilla/Firefox. According to the Opera Web site, there are more than 7 million Opera users.

The full GreyMagic advisory is available here.


Join the conversationComment

Share
Comments

    Results

    Contribute to the conversation

    All fields are required. Comments will appear at the bottom of the article.
    Back to top