Serious Security Hole in Opera Browser
By on March 8th, 2010

Opera is one of the really good browsers out there. The browser features many in-built capabilities like managing chat sessions on IRC, reading RSS feeds and working with browsing sessions apart from a common tabbed interface and a state of the art UI.

The browser has a serious and simple security hole which allows causing a buffer overflow by setting a particular header length for any HTTP packet. The exploit Opera crash if insufficient. The hack was discovered by Marcin Ressel, who is an author at hackown.

The vulnerability is caused due to an error when processing HTTP responses having a malformed “Content-Length” header. This can be exploited to cause a heap-based buffer overflow via an overly large 64-bit “Content-Length” value, having the higher 32-bit part negative.

[ Source ]

According to current reports, only version 10.5 of the browser is vulnerable to this type of an attack. The attack though, has no other impact than crashing the browser. The solution to the crash, is to enable DEP which prevents buffer overflows in software.

This bug was discovered at Vupen Security and they are claiming that hack can be used to remotely execute malicious codes and use remote computers as botnets which is quite contrary to what Opera officials are claiming.

Tags: ,
Author: Chinmoy Kanjilal Google Profile for Chinmoy Kanjilal
Chinmoy Kanjilal is a FOSS enthusiast and evangelist. He is passionate about Android. Security exploits turn him on and he loves to tinker with computer networks. He rants occasionally at You can connect with him on Twitter @ckandroid.

Chinmoy Kanjilal has written and can be contacted at

Leave a Reply

Name (required)

Website (optional)

Copyright 2006-2012 Techie Buzz. All Rights Reserved. Our content may not be reproduced on other websites. Content Delivery by MaxCDN