Opera has a leak that for the browser appeared, within a day after media attention about this poem. The leak was at the Opera for a long time known, but the Norwegian browsermaker denies lax with the first message used to have.
The vulnerability occurred in the handling of svg images within a frameset on Windows XP SP3. The exploit allowed attackers to run code of their systems of Opera-users. This was the data execution prevention protection in Windows are disabled.
Beveiligingsonderzoeker José Vazquez would be the leak for more than a year ago, having discovered Opera after two months, have informed. Opera suggests, however, that the company of the leak, in spite of extensive testing, could not reproduce, and that it therefore asked for more information. That data has Opera, however, never received, writes the company in a blog post. Finally made Vazquez the leak this week public.
The exploit was as a module for the penetration testing framework Metasploit released. Also, the source code is published. This could, in principle, everyone the exploit to use. Vazquez does not explicitly explain why he has chosen to use the exploit make it accessible for everybody, but he seemed dissatisfied with the approach of Opera with regard to vulnerabilities.