vendor:
Opera Web Browser
by:
C4SS!0 G0M3S
7.5
CVSS
HIGH
Integer Overflow
190
CWE
Product Name: Opera Web Browser
Affected Version From: 11
Affected Version To: 11
Patch Exists: YES
Related CWE: N/A
CPE: a:opera_software:opera
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: WIN-XP SP3 PORTUGUESE BRAZILIAN
2011
Exploit Integer Overflow Opera Web Browser 11.00
This exploit is only a Denial of Service in opera web browser. It creates a poc using heap spray that allow code execution, but the author does not post it because it can be used for evil. The exploit creates a HTML file with a select tag containing a large number of option tags with the same content. This causes an integer overflow in the program, leading to a Denial of Service.
Mitigation:
Update to the latest version of Opera Web Browser.