On Playfeed: Super Smash Bros. comes to 3DS this summer, Wii U in winter

Latest Gear Live Videos

Sunday January 7, 2007 3:49 pm

Wii Web Browser Susceptible to Opera Vulnerability

Description

Obviously, Nintendo has been careful to state that the current Wii Web Browser is merely a trial, “beta” version, but this most recent report should make users a little more cautious when taking their Wii online.

The following security report was released by security & vulnerability research lab iDefense and pertains to the version of the Opera web browser currently implemented on the Wii console.

Remote exploitation of a typecasting bug in Opera Software ASA’s Opera Web browser could allow an attacker to execute arbitrary code on the affected host.

A flaw exists within Opera’s Javascript SVG implementation. When processing a createSVGTransformFromMatrix request Opera does not properly validate the type of object passed to the function. Passing an incorrect object to this function can result in it using a pointer that is user controlled when it attempts to make the virtual function call.

The question, of course, is whether it would be worth any hacker’s while to write malicious executable code specifically for the Wii’s proprietary linux-based OS. Of course, given the vitriol with which PS3 and Nintendo fanboys have been attacking eachother recently (note that both Nintendo’s and Sony’s respective Wikipedia entries are locked!), perhaps writing malicious code for opposition consoles could signify the next great front in the console wars.

Read More | iDefense.com

Advertisement

Advertisement

Post a Comment:







Smileys

Remember my personal information

Notify me of follow-up comments?



Advertisement