variot - var-201005-0393

var-201005-0393

Vulnerability from variot

Opera before 10.53 on Windows and Mac OS X does not properly handle a series of document modifications that occur asynchronously, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via JavaScript that writes sequences in an infinite loop, leading to attempted use of uninitialized memory. NOTE: this might overlap CVE-2006-6955. This vulnerability CVE-2006-6955 And may be duplicated.By a third party JavaScript Any code can be executed via, or service disruption (DoS) There is a possibility of being put into a state. Opera Web Browser is prone to a denial-of-service vulnerability. It supports multi-window browsing and a customizable user interface. The vulnerability could result in the use of uninitialized memory. ----------------------------------------------------------------------

Proof-of-Concept (PoC) and Extended Analysis available for customers.

Get a free trial, contact sales@secunia.com

TITLE: Opera Content Writing Uninitialised Memory Vulnerability

SECUNIA ADVISORY ID: SA39590

VERIFY ADVISORY: http://secunia.com/advisories/39590/

DESCRIPTION: A vulnerability has been discovered in Opera, which can be exploited by malicious people to compromise a user's system.

The vulnerability is caused due to an error when e.g. continuously writing content to a page using document.write() and results in a function call using uninitialised memory when a user visits a specially crafted web page.

Successful exploitation may allow execution of arbitrary code.

The vulnerability is confirmed in version 10.52 for Windows. Other versions may also be affected.

SOLUTION: Do not browse untrusted web sites of follow links from untrusted sources.

PROVIDED AND/OR DISCOVERED BY: Reported as a crash by Mathias Karlsson.

Additional information provided by Secunia Research.

ORIGINAL ADVISORY: Mathias Karlsson: http://h.ackack.net/?p=258

About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/advisories/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.

Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Show details on source website

JSON

Hacker News

LinkedIn

Mastodon

Newspipe

Pinboard

Reddit

To clipboard

{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201005-0393", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "browser", "scope": "eq", "trust": 1.6, "vendor": "opera", "version": "8.54" }, { "model": "browser", "scope": "eq", "trust": 1.6, "vendor": "opera", "version": "9.20" }, { "model": "browser", "scope": "eq", "trust": 1.6, "vendor": "opera", "version": "8.52" }, { "model": "browser", "scope": "eq", "trust": 1.6, "vendor": "opera", "version": "9.02" }, { "model": "browser", "scope": "eq", "trust": 1.6, "vendor": "opera", "version": "9.0" }, { "model": "browser", "scope": "eq", "trust": 1.6, "vendor": "opera", "version": "9.01" }, { "model": "browser", "scope": "eq", "trust": 1.6, "vendor": "opera", "version": "9.10" }, { "model": "browser", "scope": "eq", "trust": 1.6, "vendor": "opera", "version": "8.51" }, { "model": "browser", "scope": "eq", "trust": 1.0, "vendor": "opera", "version": "10.51" }, { "model": "browser", "scope": "eq", "trust": 1.0, "vendor": "opera", "version": "6.01" }, { "model": "browser", "scope": "eq", "trust": 1.0, "vendor": "opera", "version": "6.04" }, { "model": "browser", "scope": "eq", "trust": 1.0, "vendor": "opera", "version": "8.50" }, { "model": "browser", "scope": "eq", "trust": 1.0, "vendor": "opera", "version": "7.60" }, { "model": "browser", "scope": "lte", "trust": 1.0, "vendor": "opera", "version": "10.52" }, { "model": "browser", "scope": "eq", "trust": 1.0, "vendor": "opera", "version": "9.51" }, { "model": "browser", "scope": "eq", "trust": 1.0, "vendor": "opera", "version": "6.11" }, { "model": "browser", "scope": "eq", "trust": 1.0, "vendor": "opera", "version": "6.06" }, { "model": "browser", "scope": "eq", "trust": 1.0, "vendor": "opera", "version": "7.02" }, { "model": "browser", "scope": "eq", "trust": 1.0, "vendor": "opera", "version": "6.12" }, { "model": "browser", "scope": "eq", "trust": 1.0, "vendor": "opera", "version": "5.12" }, { "model": "browser", "scope": "eq", "trust": 1.0, "vendor": "opera", "version": "6.02" }, { "model": "browser", "scope": "eq", "trust": 1.0, "vendor": "opera", "version": "5.10" }, { "model": "browser", "scope": "eq", "trust": 1.0, "vendor": "opera", "version": "10.50" }, { "model": "browser", "scope": "eq", "trust": 1.0, "vendor": "opera", "version": "9.64" }, { "model": "browser", "scope": "eq", "trust": 1.0, "vendor": "opera", "version": "7.10" }, { "model": "browser", "scope": "eq", "trust": 1.0, "vendor": "opera", "version": "9.52" }, { "model": "browser", "scope": "eq", "trust": 1.0, "vendor": "opera", "version": "9.24" }, { "model": "browser", "scope": "eq", "trust": 1.0, "vendor": "opera", "version": "8.01" }, { "model": "browser", "scope": "eq", "trust": 1.0, "vendor": "opera", "version": "9.60" }, { "model": "browser", "scope": "eq", "trust": 1.0, "vendor": "opera", "version": "10.01" }, { "model": "browser", "scope": "eq", "trust": 1.0, "vendor": "opera", "version": "9.25" }, { "model": "browser", "scope": "eq", "trust": 1.0, "vendor": "opera", "version": "6.05" }, { "model": "browser", "scope": "eq", "trust": 1.0, "vendor": "opera", "version": "8.0" }, { "model": "browser", "scope": "eq", "trust": 1.0, "vendor": "opera", "version": "6.1" }, { "model": "browser", "scope": "eq", "trust": 1.0, "vendor": "opera", "version": "9.50" }, { "model": "browser", "scope": "eq", "trust": 1.0, "vendor": "opera", "version": "7.54" }, { "model": "browser", "scope": "eq", "trust": 1.0, "vendor": "opera", "version": "9.63" }, { "model": "browser", "scope": "eq", "trust": 1.0, "vendor": "opera", "version": "7.52" }, { "model": "browser", "scope": "eq", "trust": 1.0, "vendor": "opera", "version": "6.0" }, { "model": "browser", "scope": "eq", "trust": 1.0, "vendor": "opera", "version": "9.26" }, { "model": "browser", "scope": "eq", "trust": 1.0, "vendor": "opera", "version": "5.02" }, { "model": "browser", "scope": "eq", "trust": 1.0, "vendor": "opera", "version": "9.27" }, { "model": "browser", "scope": "eq", "trust": 1.0, "vendor": "opera", "version": "5.11" }, { "model": "browser", "scope": "eq", "trust": 1.0, "vendor": "opera", "version": "7.03" }, { "model": "browser", "scope": "eq", "trust": 1.0, "vendor": "opera", "version": "9.61" }, { "model": "browser", "scope": "eq", "trust": 1.0, "vendor": "opera", "version": "7.11" }, { "model": "browser", "scope": "eq", "trust": 1.0, "vendor": "opera", "version": "7.21" }, { "model": "browser", "scope": "eq", "trust": 1.0, "vendor": "opera", "version": "10.00" }, { "model": "browser", "scope": "eq", "trust": 1.0, "vendor": "opera", "version": "7.50" }, { "model": "browser", "scope": "eq", "trust": 1.0, "vendor": "opera", "version": "6.03" }, { "model": "browser", "scope": "eq", "trust": 1.0, "vendor": "opera", "version": "7.01" }, { "model": "browser", "scope": "eq", "trust": 1.0, "vendor": "opera", "version": "5.0" }, { "model": "browser", "scope": "eq", "trust": 1.0, "vendor": "opera", "version": "7.20" }, { "model": "browser", "scope": "eq", "trust": 1.0, "vendor": "opera", "version": "7.53" }, { "model": "browser", "scope": "eq", "trust": 1.0, "vendor": "opera", "version": "7.22" }, { "model": "browser", "scope": "eq", "trust": 1.0, "vendor": "opera", "version": "9.22" }, { "model": "browser", "scope": "eq", "trust": 1.0, "vendor": "opera", "version": "7.0" }, { "model": "browser", "scope": "eq", "trust": 1.0, "vendor": "opera", "version": "10.10" }, { "model": "opera", "scope": "lt", "trust": 0.8, "vendor": "opera asa", "version": "10.53" }, { "model": "browser", "scope": "eq", "trust": 0.6, "vendor": "opera", "version": "9.00" }, { "model": "software opera web browser", "scope": "eq", "trust": 0.3, "vendor": "opera", "version": "8.51" }, { "model": "software opera web browser", "scope": "eq", "trust": 0.3, "vendor": "opera", "version": "8.50" }, { "model": "software opera web browser", "scope": "eq", "trust": 0.3, "vendor": "opera", "version": "8.01" }, { "model": "software opera web browser", "scope": "eq", "trust": 0.3, "vendor": "opera", "version": "8.0" }, { "model": "software opera web browser", "scope": "eq", "trust": 0.3, "vendor": "opera", "version": "7.54" }, { "model": "software opera web browser", "scope": "eq", "trust": 0.3, "vendor": "opera", "version": "7.53" }, { "model": "software opera web browser", "scope": "eq", "trust": 0.3, "vendor": "opera", "version": "7.52" }, { "model": "software opera web browser", "scope": "eq", "trust": 0.3, "vendor": "opera", "version": "7.50" }, { "model": "software opera web browser", "scope": "eq", "trust": 0.3, "vendor": "opera", "version": "7.22" }, { "model": "software opera web browser", "scope": "eq", "trust": 0.3, "vendor": "opera", "version": "7.21" }, { "model": "software opera web browser", "scope": "eq", "trust": 0.3, "vendor": "opera", "version": "7.20" }, { "model": "software opera web browser", "scope": "eq", "trust": 0.3, "vendor": "opera", "version": "7.11" }, { "model": "software opera web browser", "scope": "eq", "trust": 0.3, "vendor": "opera", "version": "7.10" }, { "model": "software opera web browser", "scope": "eq", "trust": 0.3, "vendor": "opera", "version": "6.0.1" }, { "model": "software opera web browser", "scope": "eq", "trust": 0.3, "vendor": "opera", "version": "6.0" }, { "model": "software opera web browser", "scope": "eq", "trust": 0.3, "vendor": "opera", "version": "5.12" }, { "model": "software opera web browser", "scope": "eq", "trust": 0.3, "vendor": "opera", "version": "9.64" }, { "model": "software opera web browser", "scope": "eq", "trust": 0.3, "vendor": "opera", "version": "9.63" }, { "model": "software opera web browser", "scope": "eq", "trust": 0.3, "vendor": "opera", "version": "9.61" }, { "model": "software opera web browser", "scope": "eq", "trust": 0.3, "vendor": "opera", "version": "9.60" }, { "model": "software opera web browser", "scope": "eq", "trust": 0.3, "vendor": "opera", "version": "9.52" }, { "model": "software opera web browser", "scope": "eq", "trust": 0.3, "vendor": "opera", "version": "9.51" }, { "model": "software opera web browser", "scope": "eq", "trust": 0.3, "vendor": "opera", "version": "9.5" }, { "model": "software opera web browser", "scope": "eq", "trust": 0.3, "vendor": "opera", "version": "9.27" }, { "model": "software opera web browser", "scope": "eq", "trust": 0.3, "vendor": "opera", "version": "9.26" }, { "model": "software opera web browser", "scope": "eq", "trust": 0.3, "vendor": "opera", "version": "9.25" }, { "model": "software opera web browser", "scope": "eq", "trust": 0.3, "vendor": "opera", "version": "9.24" }, { "model": "software opera web browser", "scope": "eq", "trust": 0.3, "vendor": "opera", "version": "9.22" }, { "model": "software opera web browser beta", "scope": "eq", "trust": 0.3, "vendor": "opera", "version": "9.201" }, { "model": "software opera web browser", "scope": "eq", "trust": 0.3, "vendor": "opera", "version": "9.20" }, { "model": "software opera web browser", "scope": "eq", "trust": 0.3, "vendor": "opera", "version": "9.10" }, { "model": "software opera web browser", "scope": "eq", "trust": 0.3, "vendor": "opera", "version": "9.02" }, { "model": "software opera web browser", "scope": "eq", "trust": 0.3, "vendor": "opera", "version": "9.01" }, { "model": "software opera web browser", "scope": "eq", "trust": 0.3, "vendor": "opera", "version": "9" }, { "model": "software opera web browser", "scope": "eq", "trust": 0.3, "vendor": "opera", "version": "8.54" }, { "model": "software opera web browser", "scope": "eq", "trust": 0.3, "vendor": "opera", "version": "8.52" }, { "model": "software opera web browser", "scope": "eq", "trust": 0.3, "vendor": "opera", "version": "10.52" }, { "model": "software opera web browser", "scope": "eq", "trust": 0.3, "vendor": "opera", "version": "10.51" }, { "model": "software opera web browser beta2", "scope": "eq", "trust": 0.3, "vendor": "opera", "version": "10.50" }, { "model": "software opera web browser beta1", "scope": "eq", "trust": 0.3, "vendor": "opera", "version": "10.50" }, { "model": "software opera web browser", "scope": "eq", "trust": 0.3, "vendor": "opera", "version": "10.50" }, { "model": "software opera web browser beta1", "scope": "eq", "trust": 0.3, "vendor": "opera", "version": "10.10" }, { "model": "software opera web browser", "scope": "eq", "trust": 0.3, "vendor": "opera", "version": "10.10" }, { "model": "software opera web browser", "scope": "eq", "trust": 0.3, "vendor": "opera", "version": "10.01" }, { "model": "software opera web browser beta3", "scope": "eq", "trust": 0.3, "vendor": "opera", "version": "10.00" }, { "model": "software opera web browser beta2", "scope": "eq", "trust": 0.3, "vendor": "opera", "version": "10.00" }, { "model": "software opera web browser beta1", "scope": "eq", "trust": 0.3, "vendor": "opera", "version": "10.00" }, { "model": "software opera web browser", "scope": "eq", "trust": 0.3, "vendor": "opera", "version": "10.00" } ], "sources": [ { "db": "BID", "id": "78966" }, { "db": "JVNDB", "id": "JVNDB-2010-002033" }, { "db": "NVD", "id": "CVE-2010-1728" }, { "db": "CNNVD", "id": "CNNVD-201005-066" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:opera:opera_browser:10.00:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:opera:opera_browser:10.50:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:opera:opera_browser:10.50:beta1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:opera:opera_browser:5.0:beta5:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:opera:opera_browser:5.0:beta6:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:opera:opera_browser:6.0:beta1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:opera:opera_browser:6.0:beta2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:opera:opera_browser:6.04:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:opera:opera_browser:6.05:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:opera:opera_browser:7.0:beta1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:opera:opera_browser:7.0:beta1_v2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:opera:opera_browser:7.11:beta2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:opera:opera_browser:7.20:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:opera:opera_browser:7.53:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:opera:opera_browser:7.54:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:opera:opera_browser:8.01:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:opera:opera_browser:8.50:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:opera:opera_browser:9.02:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:opera:opera_browser:9.10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:opera:opera_browser:9.27:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:opera:opera_browser:9.50:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:opera:opera_browser:9.63:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:opera:opera_browser:9.64:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:opera:opera_browser:10.00:beta3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:opera:opera_browser:10.01:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:opera:opera_browser:5.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:opera:opera_browser:5.0:beta2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:opera:opera_browser:5.02:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:opera:opera_browser:5.10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:opera:opera_browser:6.0:tp3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:opera:opera_browser:6.01:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:opera:opera_browser:6.1:beta1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:opera:opera_browser:6.11:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:opera:opera_browser:7.02:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:opera:opera_browser:7.03:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:opera:opera_browser:7.22:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:opera:opera_browser:7.50:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:opera:opera_browser:7.60:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:opera:opera_browser:8.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:opera:opera_browser:8.54:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:opera:opera_browser:9.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:opera:opera_browser:9.0:beta2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:opera:opera_browser:9.22:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:opera:opera_browser:9.24:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:opera:opera_browser:9.51:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:opera:opera_browser:9.52:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:opera:opera_browser:10.00:beta1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:opera:opera_browser:10.00:beta2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:opera:opera_browser:10.50:beta2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:opera:opera_browser:10.51:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:opera:opera_browser:5.0:beta7:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:opera:opera_browser:5.0:beta8:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:opera:opera_browser:6.0:tp1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:opera:opera_browser:6.0:tp2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:opera:opera_browser:6.06:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:opera:opera_browser:6.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:opera:opera_browser:7.0:beta2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:opera:opera_browser:7.01:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:opera:opera_browser:7.20:beta7:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:opera:opera_browser:7.21:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:opera:opera_browser:7.54:update1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:opera:opera_browser:7.54:update2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:opera:opera_browser:8.51:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:opera:opera_browser:8.52:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:opera:opera_browser:9.20:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:opera:opera_browser:9.20:beta1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:opera:opera_browser:9.50:beta1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:opera:opera_browser:9.50:beta2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:opera:opera_browser:*:*:*:*:*:*:*:*", "cpe_name": [], "versionEndIncluding": "10.52", "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:opera:opera_browser:10.10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:opera:opera_browser:10.10:beta1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:opera:opera_browser:5.0:beta3:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:opera:opera_browser:5.0:beta4:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:opera:opera_browser:5.11:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:opera:opera_browser:5.12:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:opera:opera_browser:6.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:opera:opera_browser:6.02:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:opera:opera_browser:6.03:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:opera:opera_browser:6.12:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:opera:opera_browser:7.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:opera:opera_browser:7.10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:opera:opera_browser:7.10:beta1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:opera:opera_browser:7.11:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:opera:opera_browser:7.50:beta1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:opera:opera_browser:7.52:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:opera:opera_browser:8.0:beta2:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:opera:opera_browser:9.01:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:opera:opera_browser:9.25:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:opera:opera_browser:9.26:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:opera:opera_browser:9.60:beta1:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:opera:opera_browser:9.61:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false }, { "cpe23Uri": "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": false } ], "operator": "OR" } ], "cpe_match": [], "operator": "AND" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2010-1728" } ] }, "credits": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Unknown", "sources": [ { "db": "BID", "id": "78966" } ], "trust": 0.3 }, "cve": "CVE-2010-1728", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "impactScore": 10.0, "integrityImpact": "COMPLETE", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "trust": 1.0, "userInteractionRequired": true, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Medium", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Complete", "baseScore": 9.3, "confidentialityImpact": "Complete", "exploitabilityScore": null, "id": "CVE-2010-1728", "impactScore": null, "integrityImpact": "Complete", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "High", "trust": 0.8, "userInteractionRequired": null, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0" }, { "accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "exploitabilityScore": 8.6, "id": "VHN-44333", "impactScore": 10.0, "integrityImpact": "COMPLETE", "severity": "HIGH", "trust": 0.1, "vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C", "version": "2.0" } ], "cvssV3": [], "severity": [ { "author": "NVD", "id": "CVE-2010-1728", "trust": 1.8, "value": "HIGH" }, { "author": "CNNVD", "id": "CNNVD-201005-066", "trust": 0.6, "value": "CRITICAL" }, { "author": "VULHUB", "id": "VHN-44333", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "VULHUB", "id": "VHN-44333" }, { "db": "JVNDB", "id": "JVNDB-2010-002033" }, { "db": "NVD", "id": "CVE-2010-1728" }, { "db": "CNNVD", "id": "CNNVD-201005-066" } ] }, "description": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Opera before 10.53 on Windows and Mac OS X does not properly handle a series of document modifications that occur asynchronously, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via JavaScript that writes \u003cmarquee\u003e sequences in an infinite loop, leading to attempted use of uninitialized memory. NOTE: this might overlap CVE-2006-6955. This vulnerability CVE-2006-6955 And may be duplicated.By a third party JavaScript Any code can be executed via, or service disruption (DoS) There is a possibility of being put into a state. Opera Web Browser is prone to a denial-of-service vulnerability. It supports multi-window browsing and a customizable user interface. The vulnerability could result in the use of uninitialized memory. ----------------------------------------------------------------------\n\n\nProof-of-Concept (PoC) and Extended Analysis available for customers. \n\nGet a free trial, contact sales@secunia.com\n\n\n----------------------------------------------------------------------\n\nTITLE:\nOpera Content Writing Uninitialised Memory Vulnerability\n\nSECUNIA ADVISORY ID:\nSA39590\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/39590/\n\nDESCRIPTION:\nA vulnerability has been discovered in Opera, which can be exploited\nby malicious people to compromise a user\u0027s system. \n\nThe vulnerability is caused due to an error when e.g. continuously\nwriting content to a page using document.write() and results in a\nfunction call using uninitialised memory when a user visits a\nspecially crafted web page. \n\nSuccessful exploitation may allow execution of arbitrary code. \n\nThe vulnerability is confirmed in version 10.52 for Windows. Other\nversions may also be affected. \n\nSOLUTION:\nDo not browse untrusted web sites of follow links from untrusted\nsources. \n\nPROVIDED AND/OR DISCOVERED BY:\nReported as a crash by Mathias Karlsson. \n\nAdditional information provided by Secunia Research. \n\nORIGINAL ADVISORY:\nMathias Karlsson:\nhttp://h.ackack.net/?p=258\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n", "sources": [ { "db": "NVD", "id": "CVE-2010-1728" }, { "db": "JVNDB", "id": "JVNDB-2010-002033" }, { "db": "BID", "id": "78966" }, { "db": "VULHUB", "id": "VHN-44333" }, { "db": "PACKETSTORM", "id": "88982" } ], "trust": 2.07 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2010-1728", "trust": 2.8 }, { "db": "SECUNIA", "id": "39590", "trust": 2.6 }, { "db": "VUPEN", "id": "ADV-2010-0999", "trust": 2.5 }, { "db": "XF", "id": "58231", "trust": 1.7 }, { "db": "JVNDB", "id": "JVNDB-2010-002033", "trust": 0.8 }, { "db": "CNNVD", "id": "CNNVD-201005-066", "trust": 0.7 }, { "db": "BID", "id": "78966", "trust": 0.4 }, { "db": "VULHUB", "id": "VHN-44333", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "88982", "trust": 0.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-44333" }, { "db": "BID", "id": "78966" }, { "db": "JVNDB", "id": "JVNDB-2010-002033" }, { "db": "PACKETSTORM", "id": "88982" }, { "db": "NVD", "id": "CVE-2010-1728" }, { "db": "CNNVD", "id": "CNNVD-201005-066" } ] }, "id": "VAR-201005-0393", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-44333" } ], "trust": 0.01 }, "last_update_date": "2023-12-18T14:02:15.591000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "953", "trust": 0.8, "url": "http://www.opera.com/support/kb/view/953" }, { "title": "windows/1053", "trust": 0.8, "url": "http://www.opera.com/docs/changelogs/windows/1053" }, { "title": "mac/1053", "trust": 0.8, "url": "http://www.opera.com/docs/changelogs/mac/1053" } ], "sources": [ { "db": "JVNDB", "id": "JVNDB-2010-002033" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-399", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-44333" }, { "db": "JVNDB", "id": "JVNDB-2010-002033" }, { "db": "NVD", "id": "CVE-2010-1728" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 2.5, "url": "http://secunia.com/advisories/39590" }, { "trust": 2.5, "url": "http://www.vupen.com/english/advisories/2010/0999" }, { "trust": 2.1, "url": "http://h.ackack.net/?p=258" }, { "trust": 2.0, "url": "http://my.opera.com/desktopteam/blog/2010/04/28/opera-10-53-rc1-for-windows-and-mac" }, { "trust": 2.0, "url": "http://www.opera.com/docs/changelogs/mac/1053/" }, { "trust": 2.0, "url": "http://www.opera.com/docs/changelogs/windows/1053/" }, { "trust": 2.0, "url": "http://www.opera.com/support/kb/view/953/" }, { "trust": 1.7, "url": "http://xforce.iss.net/xforce/xfdb/58231" }, { "trust": 1.1, "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a11927" }, { "trust": 1.1, "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58231" }, { "trust": 0.8, "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1728" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-1728" }, { "trust": 0.1, "url": "http://secunia.com/advisories/secunia_security_advisories/" }, { "trust": 0.1, "url": "http://secunia.com/advisories/39590/" }, { "trust": 0.1, "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org" }, { "trust": 0.1, "url": "http://secunia.com/advisories/about_secunia_advisories/" } ], "sources": [ { "db": "VULHUB", "id": "VHN-44333" }, { "db": "BID", "id": "78966" }, { "db": "JVNDB", "id": "JVNDB-2010-002033" }, { "db": "PACKETSTORM", "id": "88982" }, { "db": "NVD", "id": "CVE-2010-1728" }, { "db": "CNNVD", "id": "CNNVD-201005-066" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULHUB", "id": "VHN-44333" }, { "db": "BID", "id": "78966" }, { "db": "JVNDB", "id": "JVNDB-2010-002033" }, { "db": "PACKETSTORM", "id": "88982" }, { "db": "NVD", "id": "CVE-2010-1728" }, { "db": "CNNVD", "id": "CNNVD-201005-066" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2010-05-06T00:00:00", "db": "VULHUB", "id": "VHN-44333" }, { "date": "2010-05-06T00:00:00", "db": "BID", "id": "78966" }, { "date": "2010-09-27T00:00:00", "db": "JVNDB", "id": "JVNDB-2010-002033" }, { "date": "2010-04-27T05:38:25", "db": "PACKETSTORM", "id": "88982" }, { "date": "2010-05-06T14:53:01.563000", "db": "NVD", "id": "CVE-2010-1728" }, { "date": "2010-05-06T00:00:00", "db": "CNNVD", "id": "CNNVD-201005-066" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2018-10-30T00:00:00", "db": "VULHUB", "id": "VHN-44333" }, { "date": "2010-05-06T00:00:00", "db": "BID", "id": "78966" }, { "date": "2010-09-27T00:00:00", "db": "JVNDB", "id": "JVNDB-2010-002033" }, { "date": "2018-10-30T16:26:33.437000", "db": "NVD", "id": "CVE-2010-1728" }, { "date": "2010-05-06T00:00:00", "db": "CNNVD", "id": "CNNVD-201005-066" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "CNNVD", "id": "CNNVD-201005-066" } ], "trust": 0.6 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Windows and Mac OS X Run on Opera Vulnerable to arbitrary code execution", "sources": [ { "db": "JVNDB", "id": "JVNDB-2010-002033" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "resource management error", "sources": [ { "db": "CNNVD", "id": "CNNVD-201005-066" } ], "trust": 0.6 } }

cve-2010-1728

Vulnerability from cvelistv5

Published
2010-05-05 14:00

Modified
2024-08-07 01:35

Severity ?

Summary
Opera before 10.53 on Windows and Mac OS X does not properly handle a series of document modifications that occur asynchronously, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via JavaScript that writes <marquee> sequences in an infinite loop, leading to attempted use of uninitialized memory. NOTE: this might overlap CVE-2006-6955.

References

▼ URL Tags

http://www.opera.com/docs/changelogs/mac/1053/ x_refsource_CONFIRM

http://www.opera.com/docs/changelogs/windows/1053/ x_refsource_CONFIRM

http://www.opera.com/support/kb/view/953/ x_refsource_CONFIRM

http://h.ackack.net/?p=258 x_refsource_MISC

http://www.vupen.com/english/advisories/2010/0999 vdb-entry, x_refsource_VUPEN

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11927 vdb-entry, signature, x_refsource_OVAL

http://secunia.com/advisories/39590 third-party-advisory, x_refsource_SECUNIA

https://exchange.xforce.ibmcloud.com/vulnerabilities/58231 vdb-entry, x_refsource_XF

http://my.opera.com/desktopteam/blog/2010/04/28/opera-10-53-rc1-for-windows-and-mac x_refsource_CONFIRM

Impacted products

Vendor Product Version

▼ n/a n/a Version: n/a

Show details on NVD website

JSON

Hacker News

LinkedIn

Mastodon

Newspipe

Pinboard

Reddit

To clipboard

{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-07T01:35:53.991Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.opera.com/docs/changelogs/mac/1053/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.opera.com/docs/changelogs/windows/1053/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.opera.com/support/kb/view/953/" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://h.ackack.net/?p=258" }, { "name": "ADV-2010-0999", "tags": [ "vdb-entry", "x_refsource_VUPEN", "x_transferred" ], "url": "http://www.vupen.com/english/advisories/2010/0999" }, { "name": "oval:org.mitre.oval:def:11927", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL", "x_transferred" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11927" }, { "name": "39590", "tags": [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred" ], "url": "http://secunia.com/advisories/39590" }, { "name": "opera-documentwrite-code-execution(58231)", "tags": [ "vdb-entry", "x_refsource_XF", "x_transferred" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58231" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://my.opera.com/desktopteam/blog/2010/04/28/opera-10-53-rc1-for-windows-and-mac" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2010-04-26T00:00:00", "descriptions": [ { "lang": "en", "value": "Opera before 10.53 on Windows and Mac OS X does not properly handle a series of document modifications that occur asynchronously, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via JavaScript that writes \u003cmarquee\u003e sequences in an infinite loop, leading to attempted use of uninitialized memory. NOTE: this might overlap CVE-2006-6955." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2017-09-18T12:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.opera.com/docs/changelogs/mac/1053/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.opera.com/docs/changelogs/windows/1053/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.opera.com/support/kb/view/953/" }, { "tags": [ "x_refsource_MISC" ], "url": "http://h.ackack.net/?p=258" }, { "name": "ADV-2010-0999", "tags": [ "vdb-entry", "x_refsource_VUPEN" ], "url": "http://www.vupen.com/english/advisories/2010/0999" }, { "name": "oval:org.mitre.oval:def:11927", "tags": [ "vdb-entry", "signature", "x_refsource_OVAL" ], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11927" }, { "name": "39590", "tags": [ "third-party-advisory", "x_refsource_SECUNIA" ], "url": "http://secunia.com/advisories/39590" }, { "name": "opera-documentwrite-code-execution(58231)", "tags": [ "vdb-entry", "x_refsource_XF" ], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58231" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://my.opera.com/desktopteam/blog/2010/04/28/opera-10-53-rc1-for-windows-and-mac" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2010-1728", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Opera before 10.53 on Windows and Mac OS X does not properly handle a series of document modifications that occur asynchronously, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via JavaScript that writes \u003cmarquee\u003e sequences in an infinite loop, leading to attempted use of uninitialized memory. NOTE: this might overlap CVE-2006-6955." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://www.opera.com/docs/changelogs/mac/1053/", "refsource": "CONFIRM", "url": "http://www.opera.com/docs/changelogs/mac/1053/" }, { "name": "http://www.opera.com/docs/changelogs/windows/1053/", "refsource": "CONFIRM", "url": "http://www.opera.com/docs/changelogs/windows/1053/" }, { "name": "http://www.opera.com/support/kb/view/953/", "refsource": "CONFIRM", "url": "http://www.opera.com/support/kb/view/953/" }, { "name": "http://h.ackack.net/?p=258", "refsource": "MISC", "url": "http://h.ackack.net/?p=258" }, { "name": "ADV-2010-0999", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2010/0999" }, { "name": "oval:org.mitre.oval:def:11927", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11927" }, { "name": "39590", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/39590" }, { "name": "opera-documentwrite-code-execution(58231)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/58231" }, { "name": "http://my.opera.com/desktopteam/blog/2010/04/28/opera-10-53-rc1-for-windows-and-mac", "refsource": "CONFIRM", "url": "http://my.opera.com/desktopteam/blog/2010/04/28/opera-10-53-rc1-for-windows-and-mac" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2010-1728", "datePublished": "2010-05-05T14:00:00", "dateReserved": "2010-05-05T00:00:00", "dateUpdated": "2024-08-07T01:35:53.991Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }

Log in or create an account to share your comment.

Tags
Taxonomy of the tags.

Loading…

Loading…

All sightings related to this event Export sightings related to this event

Loading…

Sightings

Author Source Type Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.

Confirmed: The vulnerability is confirmed from an analyst perspective.

Exploited: This vulnerability was exploited and seen by the user reporting the sighting.

Patched: This vulnerability was successfully patched by the user reporting the sighting.

Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.

Not confirmed: The user expresses doubt about the veracity of the vulnerability.

Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Computer Incident Response Center Luxembourg (CIRCL)

Dumps Contributors Documentation API About

▼	URL	Tags
	http://www.opera.com/docs/changelogs/mac/1053/	x_refsource_CONFIRM
	http://www.opera.com/docs/changelogs/windows/1053/	x_refsource_CONFIRM
	http://www.opera.com/support/kb/view/953/	x_refsource_CONFIRM
	http://h.ackack.net/?p=258	x_refsource_MISC
	http://www.vupen.com/english/advisories/2010/0999	vdb-entry, x_refsource_VUPEN
	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11927	vdb-entry, signature, x_refsource_OVAL
	http://secunia.com/advisories/39590	third-party-advisory, x_refsource_SECUNIA
	https://exchange.xforce.ibmcloud.com/vulnerabilities/58231	vdb-entry, x_refsource_XF
	http://my.opera.com/desktopteam/blog/2010/04/28/opera-10-53-rc1-for-windows-and-mac	x_refsource_CONFIRM

Action not permitted

var-201005-0393

Vulnerability from variot

cve-2010-1728

Vulnerability from cvelistv5

Tags

Sightings

Nomenclature