OSVDB ID: 27374

Title: Opera CSS Background Property Long HTTPS URL Handling Memory Corruption

Info

Disclosure

Jul 25, 2006

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Unknown

Description

Opera contains a flaw that is triggered when handling a background property set to an overly long HTTPS URL. While reported as 'memory corruption' the issue just seems to be an out-of-bounds read error that does not corrupt memory in any manner. With a specially crafted web page, a context-dependent attacker can crash the browser or potentially have a more severe impact.

Classification

Location: Context Dependent
Attack Type: Input Manipulation
Impact: Loss of Availability
Solution: Upgrade
Exploit: PoC Public
Disclosure: Vendor Verified, Uncoordinated Disclosure
OSVDB: Concern, Myth / Fake

Solution

Upgrade to version 9.01 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

Opera Software ASA

9

References

Credit

  • H.D. Moore -


Direct URL: http://osvdb.org/27374