CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
AI Score
Confidence
Low
EPSS
Percentile
84.7%
The canvas.createPattern function in Opera 9.x before 9.22 for Linux, FreeBSD, and Solaris does not clear memory before using it to process a new pattern, which allows remote attackers to obtain sensitive information (memory contents) via JavaScript.
Vendor | Product | Version | CPE |
---|---|---|---|
opera | opera_browser | 9.20 | cpe:/a:opera:opera_browser:9.20::: |
opera | opera_browser | 9.01 | cpe:/a:opera:opera_browser:9.01::: |
opera | opera_browser | 9.10 | cpe:/a:opera:opera_browser:9.10::: |
opera | opera_browser | 9.02 | cpe:/a:opera:opera_browser:9.02::: |
opera | opera_browser | 9.0 | cpe:/a:opera:opera_browser:9.0:beta1:: |
opera | opera_browser | 9.21 | cpe:/a:opera:opera_browser:9.21::: |
opera | opera_browser | 9.0 | cpe:/a:opera:opera_browser:9.0:beta2:: |
opera | opera_browser | 9.20 | cpe:/a:opera:opera_browser:9.20:beta1:: |
opera | opera_browser | 9.0 | cpe:/a:opera:opera_browser:9.0::: |
opera | opera_browser | 9.12 | cpe:/a:opera:opera_browser:9.12::: |