Opara 6.06 Released, Security-Hole Left

From: nesumin (nesuminat_private)
Date: Thu Mar 20 2003 - 14:55:24 PST

Next message: Grégory: "[SCSA-011] Path Disclosure Vulnerability in XOOPS"

Previous message: OpenPKG: "[OpenPKG-SA-2003.026] OpenPKG Security Advisory (openssl)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Opera Software released Opera 6.06.
However, the security hole that we had released on Feb 9th, 2003
("Opera Username Buffer Overflow Vulnerability"
[http://www.securityfocus.com/archive/1/311194])
has not been fixed yet. Opera 6.06 still has this security hole,
to which we should pay heed.

Here attached an HTML file that you can easily check this vulnerability.
This would run the code that launches the Internet Explorer.
Change file extension to HTML.


--------------------------------------------------
nesumin <nesuminat_private>

application/octet-stream attachment: unbof_demo.txt

Next message: Grégory: "[SCSA-011] Path Disclosure Vulnerability in XOOPS"
Previous message: OpenPKG: "[OpenPKG-SA-2003.026] OpenPKG Security Advisory (openssl)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu Mar 20 2003 - 15:12:10 PST