The version of Opera installed on the remote host reportedly contains a heap overflow vulnerability that can be triggered when processing the DHT marker in a specially-crafted JPEG image to crash the browser or possibly allow execution of arbitrary code on the affected host. In addition, another flaw in Operaβs createSVGTransformFromMatrix object typecasting may lead to a browser crash or arbitrary code execution if support for Javascript is enabled.
Binary data 3878.prm
Vendor | Product | Version | CPE |
---|---|---|---|
opera | opera_browser | cpe:/a:opera:opera_browser |
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4819
labs.idefense.com/intelligence/vulnerabilities/display.php?id=457
labs.idefense.com/intelligence/vulnerabilities/display.php?id=458
www.opera.com/support/search/supsearch.dml?index=851
www.opera.com/support/search/supsearch.dml?index=852
www.securityfocus.com/archive/1/456053
www.securityfocus.com/archive/1/456066