Opera Web Browser Invalid Pointer Remote Code Execution Vulnerability
BID:25331
Info
| Bugtraq ID: | 25331 |
| Class: | Design Error |
| CVE: | CVE-2007-4367 |
| Remote: | Yes |
| Local: | No |
| Published: | Aug 15 2007 12:00AM |
| Updated: | Sep 04 2007 09:11PM |
| Credit: | The vendor reported this issue. |
| Vulnerable: | SuSE Linux 10.1; SuSE Linux 10.0; Opera Software Opera Web Browser 9.22; Opera Software Opera Web Browser 9.21; Opera Software Opera Web Browser 9.20 beta 1; Opera Software Opera Web Browser 9.20; Opera Software Opera Web Browser 9.10; Opera Software Opera Web Browser 9.02; Opera Software Opera Web Browser 9.01; Opera Software Opera Web Browser 9; Gentoo Linux |
| Not Vulnerable: | Opera Software Opera Web Browser 9.23 |
Discussion
The Opera Web Browser is prone to a remote code-execution vulnerability that occurs when parsing malicious JavaScript code.
Exploiting this issue allows an attacker to execute arbitrary code with the privileges of the user running the affected application. Failed exploit attempts will result in a denial-of-service condition.
This issue affects versions prior to Opera 9.23.
Exploit / POC
An attacker can use the Mozilla.org JavaScript fuzzer to detect this issue. The fuzzer can be obtained from the following site:
https://bugzilla.mozilla.org/show_bug.cgi?id=jsfunfuzz
Currently we are not aware of any exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Solution / Fix
Solution:
Opera Software has released Opera 9.23 to address this issue. Please see the references for more information.
SuSE Linux 10.0
- SuSE x86 Platform: SUSE Linux 10.0
  ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/opera-9.23-1.2.i586.rpm
- SuSE x86-64 Platform: SUSE Linux 10.0
  ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/opera-9.23-1.2.x86_64.rpm
SuSE Linux 10.1
- SuSE PowerPC Platform: SUSE Linux 10.1
  ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/opera-9.23-2.2.ppc.rpm
- SuSE x86 Platform: SUSE Linux 10.1
  ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/opera-9.23-2.2.i586.rpm
- SuSE x86-64 Platform: SUSE Linux 10.1
  ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/opera-9.23-2.2.x86_64.rpm
References
References:
- Opera Download Page (Opera)
- Opera Homepage (Opera Software)
- Advisory: a specially crafted JavaScript can make Opera execute arbitrary code (Opera Software)