There are new versions of the Opera browser available, a small update to version 12.01, but they include a number of important security fixes, notably a patch for a vulnerability that could lead to remote code execution.
The maintainers of Opera pushed out new versions for all of the major platforms, including Windows, Mac and Unix, each with a variety of security patches. The new release for Windows includes five security fixes, one of which is a second repair of a previously addressed vulnerability in the browser.
The patches for Opera 12.01 on Windows include:
- Re-fixed an issue where certain URL constructs could allow arbitrary code execution, as reported by Andrey Stroganov
- Fixed an issue where certain characters in HTML could incorrectly be ignored, which could facilitate XSS attacks
- Fixed another issue where small windows could be used to trick users into executing downloads as reported by Jordi Chancel
- Fixed an issue where an element’s HTML content could be incorrectly returned without escaping, bypassing some HTML sanitizers
There also is a fifth vulnerability patched in the Windows release, but Opera did not release any details about the nature of the bug or its location or effects.
The most serious vulnerability is the one that Opera had to fix a second time, a critical flaw that could lead to remote code execution.
“Certain page address (URL) constructs can cause Opera to allocate the wrong amount of memory for storing the address. When it then attempts to store the address, it will overwrite unrelated memory with attacker-controlled data. This can lead to a crash, which may also execute that data as code,” Opera said in its advisory.
The same group of vulnerabilities were fixed in the Opera 12.01 release for Mac OS X and Opera 12.01 for Unix.
This is the first update to the Opera browser since version 12.0 was released in mid-June.
