5.1 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:H/Au:N/C:P/I:P/A:P
0.299 Low
EPSS
Percentile
96.9%
iDefense Labs reports:
Remote exploitation of a heap overflow vulnerability
within version 9 of Opera Software’s Opera Web browser
could allow an attacker to execute arbitrary code on the
affected host.
A flaw exists within Opera when parsing a tag that
contains a URL. A heap buffer with a constant size of 256
bytes is allocated to store the URL, and the tag’s URL is
copied into this buffer without sufficient bounds checking
of its length.