ID

VAR-201005-0393

CVE

CVE-2010-1728

TITLE

Windows and Mac OS X Run on Opera Vulnerable to arbitrary code execution

DESCRIPTION

Opera before 10.53 on Windows and Mac OS X does not properly handle a series of document modifications that occur asynchronously, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via JavaScript that writes <marquee> sequences in an infinite loop, leading to attempted use of uninitialized memory. NOTE: this might overlap CVE-2006-6955. This vulnerability CVE-2006-6955 And may be duplicated.By a third party JavaScript Any code can be executed via, or service disruption (DoS) There is a possibility of being put into a state. Opera Web Browser is prone to a denial-of-service vulnerability. It supports multi-window browsing and a customizable user interface. The vulnerability could result in the use of uninitialized memory. ---------------------------------------------------------------------- Proof-of-Concept (PoC) and Extended Analysis available for customers. Get a free trial, contact sales@secunia.com ---------------------------------------------------------------------- TITLE: Opera Content Writing Uninitialised Memory Vulnerability SECUNIA ADVISORY ID: SA39590 VERIFY ADVISORY: http://secunia.com/advisories/39590/ DESCRIPTION: A vulnerability has been discovered in Opera, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an error when e.g. continuously writing content to a page using document.write() and results in a function call using uninitialised memory when a user visits a specially crafted web page. Successful exploitation may allow execution of arbitrary code. The vulnerability is confirmed in version 10.52 for Windows. Other versions may also be affected. SOLUTION: Do not browse untrusted web sites of follow links from untrusted sources. PROVIDED AND/OR DISCOVERED BY: Reported as a crash by Mathias Karlsson. Additional information provided by Secunia Research. ORIGINAL ADVISORY: Mathias Karlsson: http://h.ackack.net/?p=258 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------

AFFECTED PRODUCTS

CVSS

PROBLEMTYPE DATA

THREAT TYPE

remote

TYPE

resource management error

CONFIGURATIONS

PATCH

EXTERNAL IDS

REFERENCES

CREDITS

Unknown

SOURCES

LAST UPDATE DATE

2024-11-23T22:53:40.782000+00:00

SOURCES UPDATE DATE

SOURCES RELEASE DATE