Vulnerability tracking firm Secunia today reported a “highly critical” vulnerability in Opera, the alternative cross-platform web browser, that could lead to the execution of malicious code.
The buffer overflow flaw, reported Tuesday by researchers at VeriSign iDefense, can be exploited when users click on "very large link addresses," according to an Opera Software advisory, which urged users to upgrade to the 9.02 version.
If the link is specially crafted, it could cause arbitrary code to run on a user's computer, according to the advisory. Otherwise, a normally long link could lead to a browser crash. For the attack to work, an attacker must dupe an unsuspecting user into visiting a website containing the malicious tag, which is code embedded in an HTML document that provides format instructions.
According to Secunia, the bug can be exploited by URLs that are longer than 256 bytes.
"A heap buffer with a constant size of 256 bytes is allocated to store the URL, and the tag's URL is copied into this buffer without sufficient bounds checking of its length," according to an iDefense public advisory.
The iDefense advisory said versions 9.0 and 9.01 – on both Windows and Linux operating systems – are vulnerable. Version 8 is not affected.
According to the latest statistics from OneStat.com, Opera has a 0.69 percent global market share and 0.61 percent in the United States. It is most popular in Australia, where it is the browser of choice for nearly 5 percent of web users.
Click here to email Dan Kaplan.