Lucene search

[email protected]NVD:CVE-2008-5679

HistoryDec 19, 2008 - 4:30 p.m.

CVE-2008-5679

2008-12-1916:30:00

CWE-399

[email protected]

web.nvd.nist.gov

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.4 High

AI Score

Confidence

High

0.038 Low

EPSS

Percentile

91.9%

JSON

The HTML parsing engine in Opera before 9.63 allows remote attackers to execute arbitrary code via crafted web pages that trigger an invalid pointer calculation and heap corruption.

Affected configurations

NVD

Node

operaopera

operaoperaRange≤9.62

operaoperaMatch5..10

operaoperaMatch5.0

operaoperaMatch5.0beta_2

operaoperaMatch5.0beta_3

operaoperaMatch5.0beta_4

operaoperaMatch5.0beta_5

operaoperaMatch5.0beta_6

operaoperaMatch5.0beta_7

operaoperaMatch5.0beta_8

operaoperaMatch5.1

operaoperaMatch5.02

operaoperaMatch5.2

operaoperaMatch5.3

operaoperaMatch5.4

operaoperaMatch5.5

operaoperaMatch5.6

operaoperaMatch5.7

operaoperaMatch5.8

operaoperaMatch5.9

operaoperaMatch5.10

operaoperaMatch5.11

operaoperaMatch5.12

operaoperaMatch6beta_1

operaoperaMatch6.0

operaoperaMatch6.0beta_1

operaoperaMatch6.0beta_2

operaoperaMatch6.0beta_3

operaoperaMatch6.1

operaoperaMatch6.01

operaoperaMatch6.02

operaoperaMatch6.03

operaoperaMatch6.04

operaoperaMatch6.05

operaoperaMatch6.06

operaoperaMatch6.11

operaoperaMatch6.12

operaoperaMatch7beta_1

operaoperaMatch7beta_1.2

operaoperaMatch7.0

operaoperaMatch7.0beta_1

operaoperaMatch7.0beta_1v2

operaoperaMatch7.0beta_2

operaoperaMatch7.01

operaoperaMatch7.02

operaoperaMatch7.03

operaoperaMatch7.10

operaoperaMatch7.11

operaoperaMatch7.20

operaoperaMatch7.20beta7

operaoperaMatch7.21

operaoperaMatch7.22

operaoperaMatch7.23

operaoperaMatch7.50

operaoperaMatch7.50beta_1

operaoperaMatch7.51

operaoperaMatch7.52

operaoperaMatch7.53

operaoperaMatch7.54

operaoperaMatch7.54update_1

operaoperaMatch7.54update_2

operaoperaMatch8.0

operaoperaMatch8.0beta_1

operaoperaMatch8.0beta_2

operaoperaMatch8.0beta_3

operaoperaMatch8.01

operaoperaMatch8.02

operaoperaMatch8.50

operaoperaMatch8.51

operaoperaMatch8.52

operaoperaMatch8.53

operaoperaMatch8.54

operaoperaMatch9.0

operaoperaMatch9.0beta_1

operaoperaMatch9.0beta_2

operaoperaMatch9.01

operaoperaMatch9.02

operaoperaMatch9.6

operaoperaMatch9.10

operaoperaMatch9.20

operaoperaMatch9.20beta_1

operaoperaMatch9.21

operaoperaMatch9.22

operaoperaMatch9.23

operaoperaMatch9.24

operaoperaMatch9.25

operaoperaMatch9.26

operaoperaMatch9.27

operaoperaMatch9.50

operaoperaMatch9.50beta_1

operaoperaMatch9.50beta_2

operaoperaMatch9.51

operaoperaMatch9.52

operaoperaMatch9.60

operaoperaMatch9.60beta_1

operaoperaMatch9.61

References

secunia.com/advisories/34294

security.gentoo.org/glsa/glsa-200903-30.xml

securityreason.com/securityalert/4791

www.nruns.com/security_advisory_opera_html_parsing_code_execution.php

www.opera.com/docs/changelogs/linux/963/

www.opera.com/support/kb/view/921/

www.securityfocus.com/archive/1/499315/100/0/threaded

www.securitytracker.com/id?1021460

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.4 High

AI Score

Confidence

High

0.038 Low

EPSS

Percentile

91.9%

JSON

Related for NVD:CVE-2008-5679

cvelist1 ubuntucve1 prion1 cve1 openvas6 nessus1 gentoo1