| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <45AD37756BF9B841B3149BB3E21465CB0417CF@iron.vigilantminds.com> Date: Thu, 22 Jun 2006 10:10:44 -0400 From: "VigilantMinds Advisories" <advisories@...ilantminds.com> To: <bugtraq@...urityfocus.com> Subject: VigilantMinds Advisory: Opera JPEG Processing Integer Overflow Vulnerability (VMSA-20060621-01) Opera JPEG Processing Integer Overflow Vulnerability (VMSA-20060621-01) Summary: An integer overflow vulnerability exists in the Opera Web Browser due to the improper handling of JPEG files. Impact: Remote Code Execution Affected Versions: Opera 8.54 and Earlier Details: If excessively large height and width values are specified in certain fields of a JPEG file, an integer overflow may cause Opera to allocate insufficient memory for the image. This will lead to a buffer overflow when the image is loaded into memory, which can be exploited to execute arbitrary code. Recommended Actions: It is recommended that users upgrade to Opera 9.00, which addresses this vulnerability. Additionally, users should exercise caution while accessing the web, and should do so from accounts with limited privileges. Timeline: Reported: 4/25/2006 Fixed: 6/20/2006 Credit: Chris Ries References: Opera Website: http://www.opera.com VigilantMinds Website: http://www.vigilantminds.com
Powered by blists - more mailing lists