[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Opera 9 DoS PoC

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Opera 9 DoS PoC
From: N9@xxxxxxxxxxx
Date: 21 Jun 2006 03:39:09 -0000

Critical Security advisory #009 [http://www.critical.lt] 
Advisory can be reached: http://www.critical.lt/?vuln/349 

We are: N9, bigb0u, cybergoth, iglOo, mircia, Povilas  
Shouts to Lithuanian girlz! and our friends ;] 

Product: Opera 9 (8.x is immune to this) 
Vuln type: Denial of Service 
Risk: moderated 
Attack type: Remote  

Details: 

Vulnerability can be exploited by using a large value in a href tag to create 
an out-of-bounds memory access. 

Proof Of Concept DoS exploit:  
http://www.critical.lt/research/opera_die_happy.html 

Research was originaly done by Povilas Tum&#279;nas a.k.a. N9 

P.S. To Opera Team, we like your browser and want it to be as good as possible.

Follow-Ups:
- Re: Opera 9 DoS PoC
  - From: Bruno Lustosa

Prev by Date: [ MDKSA-2006:108 ] - Updated xine-lib packages fix buffer overflow vulnerabilities
Next by Date: Bypassing of web filters by using ASCII
Previous by thread: [ MDKSA-2006:108 ] - Updated xine-lib packages fix buffer overflow vulnerabilities
Next by thread: Re: Opera 9 DoS PoC
Index(es):
- Date
- Thread