var-201005-0393
Vulnerability from variot
Opera before 10.53 on Windows and Mac OS X does not properly handle a series of document modifications that occur asynchronously, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via JavaScript that writes sequences in an infinite loop, leading to attempted use of uninitialized memory. NOTE: this might overlap CVE-2006-6955. This vulnerability CVE-2006-6955 And may be duplicated.By a third party JavaScript Any code can be executed via, or service disruption (DoS) There is a possibility of being put into a state. Opera Web Browser is prone to a denial-of-service vulnerability. It supports multi-window browsing and a customizable user interface. The vulnerability could result in the use of uninitialized memory. ----------------------------------------------------------------------
Proof-of-Concept (PoC) and Extended Analysis available for customers.
Get a free trial, contact sales@secunia.com
TITLE: Opera Content Writing Uninitialised Memory Vulnerability
SECUNIA ADVISORY ID: SA39590
VERIFY ADVISORY: http://secunia.com/advisories/39590/
DESCRIPTION: A vulnerability has been discovered in Opera, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to an error when e.g. continuously writing content to a page using document.write() and results in a function call using uninitialised memory when a user visits a specially crafted web page.
Successful exploitation may allow execution of arbitrary code.
The vulnerability is confirmed in version 10.52 for Windows. Other versions may also be affected.
SOLUTION: Do not browse untrusted web sites of follow links from untrusted sources.
PROVIDED AND/OR DISCOVERED BY: Reported as a crash by Mathias Karlsson.
Additional information provided by Secunia Research.
ORIGINAL ADVISORY: Mathias Karlsson: http://h.ackack.net/?p=258
About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities.
Subscribe: http://secunia.com/advisories/secunia_security_advisories/
Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/
Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.
Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org
Show details on source website
{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-201005-0393", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "browser", scope: "eq", trust: 1.6, vendor: "opera", version: "8.54", }, { model: "browser", scope: "eq", trust: 1.6, vendor: "opera", version: "9.20", }, { model: "browser", scope: "eq", trust: 1.6, vendor: "opera", version: "8.52", }, { model: "browser", scope: "eq", trust: 1.6, vendor: "opera", version: "9.02", }, { model: "browser", scope: "eq", trust: 1.6, vendor: "opera", version: "9.0", }, { model: "browser", scope: "eq", trust: 1.6, vendor: "opera", version: "9.01", }, { model: "browser", scope: "eq", trust: 1.6, vendor: "opera", version: "9.10", }, { model: "browser", scope: "eq", trust: 1.6, vendor: "opera", version: "8.51", }, { model: "browser", scope: "eq", trust: 1, vendor: "opera", version: "10.51", }, { model: "browser", scope: "eq", trust: 1, vendor: "opera", version: "6.01", }, { model: "browser", scope: "eq", trust: 1, vendor: "opera", version: "6.04", }, { model: "browser", scope: "eq", trust: 1, vendor: "opera", version: "8.50", }, { model: "browser", scope: "eq", trust: 1, vendor: "opera", version: "7.60", }, { model: "browser", scope: "lte", trust: 1, vendor: "opera", version: "10.52", }, { model: "browser", scope: "eq", trust: 1, vendor: "opera", version: "9.51", }, { model: "browser", scope: "eq", trust: 1, vendor: "opera", version: "6.11", }, { model: "browser", scope: "eq", trust: 1, vendor: "opera", version: "6.06", }, { model: "browser", scope: "eq", trust: 1, vendor: "opera", version: "7.02", }, { model: "browser", scope: "eq", trust: 1, vendor: "opera", version: "6.12", }, { model: "browser", scope: "eq", trust: 1, vendor: "opera", version: "5.12", }, { model: "browser", scope: "eq", trust: 1, vendor: "opera", version: "6.02", }, { model: "browser", scope: "eq", trust: 1, vendor: "opera", version: "5.10", }, { model: "browser", scope: "eq", trust: 1, vendor: "opera", version: "10.50", }, { model: "browser", scope: "eq", trust: 1, vendor: "opera", version: "9.64", }, { model: "browser", scope: "eq", trust: 1, vendor: "opera", version: "7.10", }, { model: "browser", scope: "eq", trust: 1, vendor: "opera", version: "9.52", }, { model: "browser", scope: "eq", trust: 1, vendor: "opera", version: "9.24", }, { model: "browser", scope: "eq", trust: 1, vendor: "opera", version: "8.01", }, { model: "browser", scope: "eq", trust: 1, vendor: "opera", version: "9.60", }, { model: "browser", scope: "eq", trust: 1, vendor: "opera", version: "10.01", }, { model: "browser", scope: "eq", trust: 1, vendor: "opera", version: "9.25", }, { model: "browser", scope: "eq", trust: 1, vendor: "opera", version: "6.05", }, { model: "browser", scope: "eq", trust: 1, vendor: "opera", version: "8.0", }, { model: "browser", scope: "eq", trust: 1, vendor: "opera", version: "6.1", }, { model: "browser", scope: "eq", trust: 1, vendor: "opera", version: "9.50", }, { model: "browser", scope: "eq", trust: 1, vendor: "opera", version: "7.54", }, { model: "browser", scope: "eq", trust: 1, vendor: "opera", version: "9.63", }, { model: "browser", scope: "eq", trust: 1, vendor: "opera", version: "7.52", }, { model: "browser", scope: "eq", trust: 1, vendor: "opera", version: "6.0", }, { model: "browser", scope: "eq", trust: 1, vendor: "opera", version: "9.26", }, { model: "browser", scope: "eq", trust: 1, vendor: "opera", version: "5.02", }, { model: "browser", scope: "eq", trust: 1, vendor: "opera", version: "9.27", }, { model: "browser", scope: "eq", trust: 1, vendor: "opera", version: "5.11", }, { model: "browser", scope: "eq", trust: 1, vendor: "opera", version: "7.03", }, { model: "browser", scope: "eq", trust: 1, vendor: "opera", version: "9.61", }, { model: "browser", scope: "eq", trust: 1, vendor: "opera", version: "7.11", }, { model: "browser", scope: "eq", trust: 1, vendor: "opera", version: "7.21", }, { model: "browser", scope: "eq", trust: 1, vendor: "opera", version: "10.00", }, { model: "browser", scope: "eq", trust: 1, vendor: "opera", version: "7.50", }, { model: "browser", scope: "eq", trust: 1, vendor: "opera", version: "6.03", }, { model: "browser", scope: "eq", trust: 1, vendor: "opera", version: "7.01", }, { model: "browser", scope: "eq", trust: 1, vendor: "opera", version: "5.0", }, { model: "browser", scope: "eq", trust: 1, vendor: "opera", version: "7.20", }, { model: "browser", scope: "eq", trust: 1, vendor: "opera", version: "7.53", }, { model: "browser", scope: "eq", trust: 1, vendor: "opera", version: "7.22", }, { model: "browser", scope: "eq", trust: 1, vendor: "opera", version: "9.22", }, { model: "browser", scope: "eq", trust: 1, vendor: "opera", version: "7.0", }, { model: "browser", scope: "eq", trust: 1, vendor: "opera", version: "10.10", }, { model: "opera", scope: "lt", trust: 0.8, vendor: "opera asa", version: "10.53", }, { model: "browser", scope: "eq", trust: 0.6, vendor: "opera", version: "9.00", }, { model: "software opera web browser", scope: "eq", trust: 0.3, vendor: "opera", version: "8.51", }, { model: "software opera web browser", scope: "eq", trust: 0.3, vendor: "opera", version: "8.50", }, { model: "software opera web browser", scope: "eq", trust: 0.3, vendor: "opera", version: "8.01", }, { model: "software opera web browser", scope: "eq", trust: 0.3, vendor: "opera", version: "8.0", }, { model: "software opera web browser", scope: "eq", trust: 0.3, vendor: "opera", version: "7.54", }, { model: "software opera web browser", scope: "eq", trust: 0.3, vendor: "opera", version: "7.53", }, { model: "software opera web browser", scope: "eq", trust: 0.3, vendor: "opera", version: "7.52", }, { model: "software opera web browser", scope: "eq", trust: 0.3, vendor: "opera", version: "7.50", }, { model: "software opera web browser", scope: "eq", trust: 0.3, vendor: "opera", version: "7.22", }, { model: "software opera web browser", scope: "eq", trust: 0.3, vendor: "opera", version: "7.21", }, { model: "software opera web browser", scope: "eq", trust: 0.3, vendor: "opera", version: "7.20", }, { model: "software opera web browser", scope: "eq", trust: 0.3, vendor: "opera", version: "7.11", }, { model: "software opera web browser", scope: "eq", trust: 0.3, vendor: "opera", version: "7.10", }, { model: "software opera web browser", scope: "eq", trust: 0.3, vendor: "opera", version: "6.0.1", }, { model: "software opera web browser", scope: "eq", trust: 0.3, vendor: "opera", version: "6.0", }, { model: "software opera web browser", scope: "eq", trust: 0.3, vendor: "opera", version: "5.12", }, { model: "software opera web browser", scope: "eq", trust: 0.3, vendor: "opera", version: "9.64", }, { model: "software opera web browser", scope: "eq", trust: 0.3, vendor: "opera", version: "9.63", }, { model: "software opera web browser", scope: "eq", trust: 0.3, vendor: "opera", version: "9.61", }, { model: "software opera web browser", scope: "eq", trust: 0.3, vendor: "opera", version: "9.60", }, { model: "software opera web browser", scope: "eq", trust: 0.3, vendor: "opera", version: "9.52", }, { model: "software opera web browser", scope: "eq", trust: 0.3, vendor: "opera", version: "9.51", }, { model: "software opera web browser", scope: "eq", trust: 0.3, vendor: "opera", version: "9.5", }, { model: "software opera web browser", scope: "eq", trust: 0.3, vendor: "opera", version: "9.27", }, { model: "software opera web browser", scope: "eq", trust: 0.3, vendor: "opera", version: "9.26", }, { model: "software opera web browser", scope: "eq", trust: 0.3, vendor: "opera", version: "9.25", }, { model: "software opera web browser", scope: "eq", trust: 0.3, vendor: "opera", version: "9.24", }, { model: "software opera web browser", scope: "eq", trust: 0.3, vendor: "opera", version: "9.22", }, { model: "software opera web browser beta", scope: "eq", trust: 0.3, vendor: "opera", version: "9.201", }, { model: "software opera web browser", scope: "eq", trust: 0.3, vendor: "opera", version: "9.20", }, { model: "software opera web browser", scope: "eq", trust: 0.3, vendor: "opera", version: "9.10", }, { model: "software opera web browser", scope: "eq", trust: 0.3, vendor: "opera", version: "9.02", }, { model: "software opera web browser", scope: "eq", trust: 0.3, vendor: "opera", version: "9.01", }, { model: "software opera web browser", scope: "eq", trust: 0.3, vendor: "opera", version: "9", }, { model: "software opera web browser", scope: "eq", trust: 0.3, vendor: "opera", version: "8.54", }, { model: "software opera web browser", scope: "eq", trust: 0.3, vendor: "opera", version: "8.52", }, { model: "software opera web browser", scope: "eq", trust: 0.3, vendor: "opera", version: "10.52", }, { model: "software opera web browser", scope: "eq", trust: 0.3, vendor: "opera", version: "10.51", }, { model: "software opera web browser beta2", scope: "eq", trust: 0.3, vendor: "opera", version: "10.50", }, { model: "software opera web browser beta1", scope: "eq", trust: 0.3, vendor: "opera", version: "10.50", }, { model: "software opera web browser", scope: "eq", trust: 0.3, vendor: "opera", version: "10.50", }, { model: "software opera web browser beta1", scope: "eq", trust: 0.3, vendor: "opera", version: "10.10", }, { model: "software opera web browser", scope: "eq", trust: 0.3, vendor: "opera", version: "10.10", }, { model: "software opera web browser", scope: "eq", trust: 0.3, vendor: "opera", version: "10.01", }, { model: "software opera web browser beta3", scope: "eq", trust: 0.3, vendor: "opera", version: "10.00", }, { model: "software opera web browser beta2", scope: "eq", trust: 0.3, vendor: "opera", version: "10.00", }, { model: "software opera web browser beta1", scope: "eq", trust: 0.3, vendor: "opera", version: "10.00", }, { model: "software opera web browser", scope: "eq", trust: 0.3, vendor: "opera", version: "10.00", }, ], sources: [ { db: "BID", id: "78966", }, { db: "JVNDB", id: "JVNDB-2010-002033", }, { db: "NVD", id: "CVE-2010-1728", }, { db: "CNNVD", id: "CNNVD-201005-066", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { children: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:a:opera:opera_browser:10.00:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:opera:opera_browser:10.50:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:opera:opera_browser:10.50:beta1:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:opera:opera_browser:5.0:beta5:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:opera:opera_browser:5.0:beta6:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:opera:opera_browser:6.0:beta1:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:opera:opera_browser:6.0:beta2:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:opera:opera_browser:6.04:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:opera:opera_browser:6.05:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:opera:opera_browser:7.0:beta1:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:opera:opera_browser:7.0:beta1_v2:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:opera:opera_browser:7.11:beta2:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:opera:opera_browser:7.20:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:opera:opera_browser:7.53:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:opera:opera_browser:7.54:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:opera:opera_browser:8.01:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:opera:opera_browser:8.50:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:opera:opera_browser:9.02:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:opera:opera_browser:9.10:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:opera:opera_browser:9.27:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:opera:opera_browser:9.50:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:opera:opera_browser:9.63:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:opera:opera_browser:9.64:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:opera:opera_browser:10.00:beta3:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:opera:opera_browser:10.01:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:opera:opera_browser:5.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:opera:opera_browser:5.0:beta2:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:opera:opera_browser:5.02:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:opera:opera_browser:5.10:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:opera:opera_browser:6.0:tp3:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:opera:opera_browser:6.01:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:opera:opera_browser:6.1:beta1:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:opera:opera_browser:6.11:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:opera:opera_browser:7.02:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:opera:opera_browser:7.03:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:opera:opera_browser:7.22:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:opera:opera_browser:7.50:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:opera:opera_browser:7.60:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:opera:opera_browser:8.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:opera:opera_browser:8.54:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:opera:opera_browser:9.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:opera:opera_browser:9.0:beta2:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:opera:opera_browser:9.22:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:opera:opera_browser:9.24:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:opera:opera_browser:9.51:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:opera:opera_browser:9.52:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:opera:opera_browser:10.00:beta1:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:opera:opera_browser:10.00:beta2:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:opera:opera_browser:10.50:beta2:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:opera:opera_browser:10.51:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:opera:opera_browser:5.0:beta7:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:opera:opera_browser:5.0:beta8:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:opera:opera_browser:6.0:tp1:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:opera:opera_browser:6.0:tp2:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:opera:opera_browser:6.06:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:opera:opera_browser:6.1:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:opera:opera_browser:7.0:beta2:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:opera:opera_browser:7.01:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:opera:opera_browser:7.20:beta7:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:opera:opera_browser:7.21:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:opera:opera_browser:7.54:update1:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:opera:opera_browser:7.54:update2:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:opera:opera_browser:8.51:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:opera:opera_browser:8.52:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:opera:opera_browser:9.20:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:opera:opera_browser:9.20:beta1:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:opera:opera_browser:9.50:beta1:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:opera:opera_browser:9.50:beta2:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:opera:opera_browser:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "10.52", vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:opera:opera_browser:10.10:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:opera:opera_browser:10.10:beta1:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:opera:opera_browser:5.0:beta3:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:opera:opera_browser:5.0:beta4:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:opera:opera_browser:5.11:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:opera:opera_browser:5.12:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:opera:opera_browser:6.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:opera:opera_browser:6.02:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:opera:opera_browser:6.03:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:opera:opera_browser:6.12:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:opera:opera_browser:7.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:opera:opera_browser:7.10:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:opera:opera_browser:7.10:beta1:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:opera:opera_browser:7.11:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:opera:opera_browser:7.50:beta1:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:opera:opera_browser:7.52:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:opera:opera_browser:8.0:beta2:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:opera:opera_browser:9.01:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:opera:opera_browser:9.25:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:opera:opera_browser:9.26:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:opera:opera_browser:9.60:beta1:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:opera:opera_browser:9.61:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, { cpe23Uri: "cpe:2.3:o:microsoft:windows:*:*:*:*:*:*:*:*", cpe_name: [], vulnerable: false, }, ], operator: "OR", }, ], cpe_match: [], operator: "AND", }, ], }, ], sources: [ { db: "NVD", id: "CVE-2010-1728", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Unknown", sources: [ { db: "BID", id: "78966", }, ], trust: 0.3, }, cve: "CVE-2010-1728", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { acInsufInfo: false, accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", author: "NVD", availabilityImpact: "COMPLETE", baseScore: 9.3, confidentialityImpact: "COMPLETE", exploitabilityScore: 8.6, impactScore: 10, integrityImpact: "COMPLETE", obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "HIGH", trust: 1, userInteractionRequired: true, vectorString: "AV:N/AC:M/Au:N/C:C/I:C/A:C", version: "2.0", }, { acInsufInfo: null, accessComplexity: "Medium", accessVector: "Network", authentication: "None", author: "NVD", availabilityImpact: "Complete", baseScore: 9.3, confidentialityImpact: "Complete", exploitabilityScore: null, id: "CVE-2010-1728", impactScore: null, integrityImpact: "Complete", obtainAllPrivilege: null, obtainOtherPrivilege: null, obtainUserPrivilege: null, severity: "High", trust: 0.8, userInteractionRequired: null, vectorString: "AV:N/AC:M/Au:N/C:C/I:C/A:C", version: "2.0", }, { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", author: "VULHUB", availabilityImpact: "COMPLETE", baseScore: 9.3, confidentialityImpact: "COMPLETE", exploitabilityScore: 8.6, id: "VHN-44333", impactScore: 10, integrityImpact: "COMPLETE", severity: "HIGH", trust: 0.1, vectorString: "AV:N/AC:M/AU:N/C:C/I:C/A:C", version: "2.0", }, ], cvssV3: [], severity: [ { author: "NVD", id: "CVE-2010-1728", trust: 1.8, value: "HIGH", }, { author: "CNNVD", id: "CNNVD-201005-066", trust: 0.6, value: "CRITICAL", }, { author: "VULHUB", id: "VHN-44333", trust: 0.1, value: "HIGH", }, ], }, ], sources: [ { db: "VULHUB", id: "VHN-44333", }, { db: "JVNDB", id: "JVNDB-2010-002033", }, { db: "NVD", id: "CVE-2010-1728", }, { db: "CNNVD", id: "CNNVD-201005-066", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Opera before 10.53 on Windows and Mac OS X does not properly handle a series of document modifications that occur asynchronously, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via JavaScript that writes <marquee> sequences in an infinite loop, leading to attempted use of uninitialized memory. NOTE: this might overlap CVE-2006-6955. This vulnerability CVE-2006-6955 And may be duplicated.By a third party JavaScript Any code can be executed via, or service disruption (DoS) There is a possibility of being put into a state. Opera Web Browser is prone to a denial-of-service vulnerability. It supports multi-window browsing and a customizable user interface. The vulnerability could result in the use of uninitialized memory. ----------------------------------------------------------------------\n\n\nProof-of-Concept (PoC) and Extended Analysis available for customers. \n\nGet a free trial, contact sales@secunia.com\n\n\n----------------------------------------------------------------------\n\nTITLE:\nOpera Content Writing Uninitialised Memory Vulnerability\n\nSECUNIA ADVISORY ID:\nSA39590\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/39590/\n\nDESCRIPTION:\nA vulnerability has been discovered in Opera, which can be exploited\nby malicious people to compromise a user's system. \n\nThe vulnerability is caused due to an error when e.g. continuously\nwriting content to a page using document.write() and results in a\nfunction call using uninitialised memory when a user visits a\nspecially crafted web page. \n\nSuccessful exploitation may allow execution of arbitrary code. \n\nThe vulnerability is confirmed in version 10.52 for Windows. Other\nversions may also be affected. \n\nSOLUTION:\nDo not browse untrusted web sites of follow links from untrusted\nsources. \n\nPROVIDED AND/OR DISCOVERED BY:\nReported as a crash by Mathias Karlsson. \n\nAdditional information provided by Secunia Research. \n\nORIGINAL ADVISORY:\nMathias Karlsson:\nhttp://h.ackack.net/?p=258\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\nprivate users keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/advisories/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/advisories/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n", sources: [ { db: "NVD", id: "CVE-2010-1728", }, { db: "JVNDB", id: "JVNDB-2010-002033", }, { db: "BID", id: "78966", }, { db: "VULHUB", id: "VHN-44333", }, { db: "PACKETSTORM", id: "88982", }, ], trust: 2.07, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2010-1728", trust: 2.8, }, { db: "SECUNIA", id: "39590", trust: 2.6, }, { db: "VUPEN", id: "ADV-2010-0999", trust: 2.5, }, { db: "XF", id: "58231", trust: 1.7, }, { db: "JVNDB", id: "JVNDB-2010-002033", trust: 0.8, }, { db: "CNNVD", id: "CNNVD-201005-066", trust: 0.7, }, { db: "BID", id: "78966", trust: 0.4, }, { db: "VULHUB", id: "VHN-44333", trust: 0.1, }, { db: "PACKETSTORM", id: "88982", trust: 0.1, }, ], sources: [ { db: "VULHUB", id: "VHN-44333", }, { db: "BID", id: "78966", }, { db: "JVNDB", id: "JVNDB-2010-002033", }, { db: "PACKETSTORM", id: "88982", }, { db: "NVD", id: "CVE-2010-1728", }, { db: "CNNVD", id: "CNNVD-201005-066", }, ], }, id: "VAR-201005-0393", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "VULHUB", id: "VHN-44333", }, ], trust: 0.01, }, last_update_date: "2023-12-18T14:02:15.591000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "953", trust: 0.8, url: "http://www.opera.com/support/kb/view/953", }, { title: "windows/1053", trust: 0.8, url: "http://www.opera.com/docs/changelogs/windows/1053", }, { title: "mac/1053", trust: 0.8, url: "http://www.opera.com/docs/changelogs/mac/1053", }, ], sources: [ { db: "JVNDB", id: "JVNDB-2010-002033", }, ], }, problemtype_data: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-399", trust: 1.9, }, ], sources: [ { db: "VULHUB", id: "VHN-44333", }, { db: "JVNDB", id: "JVNDB-2010-002033", }, { db: "NVD", id: "CVE-2010-1728", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.5, url: "http://secunia.com/advisories/39590", }, { trust: 2.5, url: "http://www.vupen.com/english/advisories/2010/0999", }, { trust: 2.1, url: "http://h.ackack.net/?p=258", }, { trust: 2, url: "http://my.opera.com/desktopteam/blog/2010/04/28/opera-10-53-rc1-for-windows-and-mac", }, { trust: 2, url: "http://www.opera.com/docs/changelogs/mac/1053/", }, { trust: 2, url: "http://www.opera.com/docs/changelogs/windows/1053/", }, { trust: 2, url: "http://www.opera.com/support/kb/view/953/", }, { trust: 1.7, url: "http://xforce.iss.net/xforce/xfdb/58231", }, { trust: 1.1, url: "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a11927", }, { trust: 1.1, url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/58231", }, { trust: 0.8, url: "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-1728", }, { trust: 0.8, url: "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2010-1728", }, { trust: 0.1, url: "http://secunia.com/advisories/secunia_security_advisories/", }, { trust: 0.1, url: "http://secunia.com/advisories/39590/", }, { trust: 0.1, url: "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org", }, { trust: 0.1, url: "http://secunia.com/advisories/about_secunia_advisories/", }, ], sources: [ { db: "VULHUB", id: "VHN-44333", }, { db: "BID", id: "78966", }, { db: "JVNDB", id: "JVNDB-2010-002033", }, { db: "PACKETSTORM", id: "88982", }, { db: "NVD", id: "CVE-2010-1728", }, { db: "CNNVD", id: "CNNVD-201005-066", }, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "VULHUB", id: "VHN-44333", }, { db: "BID", id: "78966", }, { db: "JVNDB", id: "JVNDB-2010-002033", }, { db: "PACKETSTORM", id: "88982", }, { db: "NVD", id: "CVE-2010-1728", }, { db: "CNNVD", id: "CNNVD-201005-066", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2010-05-06T00:00:00", db: "VULHUB", id: "VHN-44333", }, { date: "2010-05-06T00:00:00", db: "BID", id: "78966", }, { date: "2010-09-27T00:00:00", db: "JVNDB", id: "JVNDB-2010-002033", }, { date: "2010-04-27T05:38:25", db: "PACKETSTORM", id: "88982", }, { date: "2010-05-06T14:53:01.563000", db: "NVD", id: "CVE-2010-1728", }, { date: "2010-05-06T00:00:00", db: "CNNVD", id: "CNNVD-201005-066", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2018-10-30T00:00:00", db: "VULHUB", id: "VHN-44333", }, { date: "2010-05-06T00:00:00", db: "BID", id: "78966", }, { date: "2010-09-27T00:00:00", db: "JVNDB", id: "JVNDB-2010-002033", }, { date: "2018-10-30T16:26:33.437000", db: "NVD", id: "CVE-2010-1728", }, { date: "2010-05-06T00:00:00", db: "CNNVD", id: "CNNVD-201005-066", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-201005-066", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Windows and Mac OS X Run on Opera Vulnerable to arbitrary code execution", sources: [ { db: "JVNDB", id: "JVNDB-2010-002033", }, ], trust: 0.8, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "resource management error", sources: [ { db: "CNNVD", id: "CNNVD-201005-066", }, ], trust: 0.6, }, }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
Title of the comment
Description of the comment
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.