openSUSE 10 Security Update : opera (opera-1697)
High Nessus Plugin ID 27372
SynopsisThe remote openSUSE host is missing a security update.
DescriptionThe webbrowser Opera has been upgraded to version 9.0 to add lots of new features, and to fix the following security problem :
CVE-2006-3198: An integer overflow vulnerability exists in the Opera Web Browser due to the improper handling of JPEG files.
If excessively large height and width values are specified in certain fields of a JPEG file, an integer overflow may cause Opera to allocate insufficient memory for the image. This will lead to a buffer overflow when the image is loaded into memory, which can be exploited to execute arbitrary code.
SolutionUpdate the affected opera package.