MyQJ | QJ.NET | iPhone | MMORPG | Nintendo DS | Wii | PlayStation 3 | PSP | Xbox 360 | Downloads | QJ.NET Forums | Advertise on QJ!

Bug in the armor: Opera has vulnerable code

Posted Jan 06, 2007 at 10:37PM by Chris L. Listed in: Applications Tags: malware, Exploit, JavaScript, Opera Software
Ó

I don't think he meant that kind of bug.We don't know how this affects the Wii, but... This ain't the kind of exploit that makes the homebrewers smile. This is the one that pisses everybody off. iDefense Labs reports that there's a bug in Opera's implementation of JavaScript that can potentially allow someone "to execute arbitrary code on the affected host". Last time this writer heard this phrase, he had to dump a ton of useless popup exes and malware code out of his PC HDD; hence, the piss everyone off comment. It ain't a pretty sight, you know.

Exploitation of this vulnerability would allow an attacker to execute arbitrary code on the affected host. The attacker would first need to construct a website containing the malicious JavaScript and trick the vulnerable user into visiting the site. This would trigger the vulnerability and allow the code to execute with the privileges of the local user.


Like we said: we don't know how this affects the Wii. The iDefense Labs report doesn't contain anything Wii-specific, so absent the guy in this room with the IT degree, we don't know the dynamics of this exploit in the white box (With Wii Opera, you'd expect iDefense Labs to start gathering intel on vulnerabilities as they affect the Wii...). Anyway, the latest Opera for PC platforms corrects this bug. With the Opera on Wiis right now a running beta, it's a good bet this flaw will be patched up in a final release as well.

[Via iDefense Labs] Permalink  |   Email this  |   Linking Blogs   |   Digg It!

Bookmark / Find this article on:

3 Jumps     Shingo Takatsuka: Online is "top priority" for PES 2009
1 Jumps     Wii Speak Channel dated for Europe
1 Jumps     Waninkoko reconsidering coming back to Wii ISO Loader project
1 Jumps     Wii Homebrew - Wii-Tac-Toe v0.2

5 Comments


Sort by:
   by The Teej (Unregistered) - 2007-01-07
 » Uh-oh...
With a lack of a firewall on the Wii, I don't like the sounds of this one bit :/

Lets hope they provide a patch soon.

   by WC - 2007-01-07
 » Are you stupid?
This is EXACTLY the kind of bug that hackers want on the Wii. Anytime you see "execute arbitrary code" you can just go ahead and think 'hack hole'.

And this does not affect the Wii one bit as far as viruses go. Why? Because there are NO viruses written for the Wii. Until modders hack this to advantage, nobody will know HOW to write a virus for the Wii.

No, this is all plus and no minus for the Wii. For PCs, it's 'yet another hole' and that's it. Opera will patch it and avert the end of the world, again. -yawn-

   by Advertising -
   by you (Unregistered) - 2007-01-07
 » guys
you guys are all stupid.

first off this is why the javascript in the wii browser is built differently form the ground up with some things removed. if this hole is still present, its not a threat to wii.

Why? the arbitrary code has to be native to the processor. Is anyone able to compile a Wii program yet who isnt an official developer? no... nevermind one as complex as running within another process?


   Re: ^ (Unregistered) - 2007-01-07
 » hmm
http://www.ps3news.com/forums/wii-chat/wii-opera-vulnerability-46723.html

well they can make the Wii crash from this bug so lets hope they can get some kind of code working from it
   by Derek (Unregistered) - 2007-01-07
 » ?
And I wonder why Microsoft doesn't have a browser in the Xbox 360, especially Internet Explorer. god people quit *****in and get off your asses to your computer!



Featured Content
Contact
QJ.NET Blog Network RSS Feeds
MyQJ Feed / PDA
MyQJ RSS / PDA
Blog of Blogs Feed / PDA
QJ.NET RSS / PDA
Gaming Consoles Feed / PDA
Nintendo DS RSS / PDA
PlayStation 3 RSS / PDA
PSP Updates RSS / PDA
Wii RSS / PDA
Xbox 360 RSS / PDA
PC Gaming Feed / PDA
Age of Conan RSS / PDA
Games for Windows RSS / PDA
MMORPG RSS / PDA
Tabula Rasa RSS / PDA
World of Warcraft RSS / PDA
Science Feed / PDA
Science RSS / PDA
Technology Feed / PDA
Apple RSS / PDA
Gadgets RSS / PDA
iPhone RSS / PDA
Mobile RSS / PDA
Photography RSS / PDA
Tech RSS / PDA
Add QJ.NET
Add to My Yahoo!
Google Reader Subscribe with Bloglines
Add to your Kinja digest Subscribe in NewsGator Online
Subscribe with Pluck RSS reader Add 'www.qj.net' to Newsburst from CNET News.com
Subscribe with SearchFox RSS del.icio.us www.qj.net
Add to Technorati Favorite! Add to My AOL
furl! it Stumble for Treehugger!
User Favorites - October
Most Commented
(88)
(47)
(40)
(31)
(27)
(21)
(21)
(18)
(18)
(17)
(16)
(14)
(13)
(12)
(11)
(11)
(11)
(10)
(10)
(8)
User Favorites - October
Top Jumps
Rumor alert: all PSP games .. (83)
Buyout rumor: EA eyeing Epi.. (62)
Shingo Takatsuka: Online is.. (56)
Quartermann rumors: new Str.. (44)
From Software lists TGS 200.. (40)
Chart Track UK software: FI.. (38)
Japan's first half: PSP re.. (38)
Resident Evil: Degeneration.. (38)
Nintendo ranks first on Gam.. (37)
One year later: Manhunt 2 c.. (37)
Japan: Xbox 360 outsells Pl.. (35)
WiiKey 2 is out: specificat.. (34)
Strauss Zelnick: Take-Two w.. (34)
Spider-man: Web of Shadows .. (30)
Renting and borrowing's ou.. (29)
OPM UK rumors: Crysis for P.. (29)
Ring 'er up: Toys 'R Us o.. (28)
Report: Wii successor will .. (26)
TimeSplitters 4 teaser gets.. (23)
Call of Duty: World at War .. (22)
Nintendo DSi won't arrive .. (20)
Media Create: PS3 posts wor.. (20)
Backup Launcher v0.1: Nuke.. (19)
Take-Two reaffirms strong p.. (19)
Waninkoko reconsidering com.. (18)

 Username: 
 Password:
Forgot password
New user registration



Categories

Titles
Archives


Use of this Web site constitutes acceptance of the TERMS & CONDITIONS and PRIVACY POLICY
Copyright © 2006, Content Holdings, LLC. All Rights Reserved. Version. 1.31