Anfälligkeitssuche        Suche in 187964 CVE Beschreibungen
und 85075 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.0.14248
Kategorie:Windows
Titel:Opera web browser large javaScript array handling vulnerability
Zusammenfassung:The remote host is using Opera - an alternative web browser.; This version is vulnerable to an issue when handling; large JavaScript arrays.;; In particular, it is possible to crash the browser when performing; various operations on Array objects with 99999999999999999999999; or 0x23000000 elements.;; The crash is due to a segmentation fault and may be indicative; of an exploitable memory corruption vulnerability,; possibly resulting in arbitrary code execution.
Beschreibung:Summary:
The remote host is using Opera - an alternative web browser.
This version is vulnerable to an issue when handling
large JavaScript arrays.

In particular, it is possible to crash the browser when performing
various operations on Array objects with 99999999999999999999999
or 0x23000000 elements.

The crash is due to a segmentation fault and may be indicative
of an exploitable memory corruption vulnerability,
possibly resulting in arbitrary code execution.

Solution:
Install Opera 7.50 or newer.

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P

Querverweis: BugTraq ID: 9869
Common Vulnerability Exposure (CVE) ID: CVE-2004-1810
http://www.securityfocus.com/bid/9869
Bugtraq: 20040314 Opera Array Allocation Managment Exploit (Google Search)
http://marc.info/?l=bugtraq&m=107936810909082&w=2
XForce ISS Database: safari-array-dos(15413)
https://exchange.xforce.ibmcloud.com/vulnerabilities/15413
CopyrightCopyright (C) 2004 David Maciejak

Dies ist nur einer von 85075 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2020 E-Soft Inc. Alle Rechte vorbehalten.