Denial of Service : Opera Unicode String Denial Of Service Vulnerability (Windows)

Anfälligkeitssuche		Suche in 219043 CVE Beschreibungen und 99761 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.0.900803

Kategorie: Denial of Service

Titel: Opera Unicode String Denial Of Service Vulnerability (Windows)

Zusammenfassung: This host is installed with Opera and is prone to Denial of Service; vulnerability.

Beschreibung: Summary:
This host is installed with Opera and is prone to Denial of Service
vulnerability.

Vulnerability Insight:
- Error caused by calling the 'window.print' function in a loop aka a
'printing DoS attack'.

- CPU consumption issue exists when a series of automatic submissions
of a form containing a KEYGEN element.

- Error exists when application fails to handle user supplied input into
the 'write' method via a long Unicode string argument.

Vulnerability Impact:
Successful exploitation lets the attacker cause memory or CPU consumption,
resulting in Denial of Service condition.

Affected Software/OS:
Opera version 9.52 and prior on Windows.

Solution:
Upgrade to Opera Version 10 or later.

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2009-2577
Bugtraq: 20090719 DoS vulnerabilities in Firefox, Internet Explorer, Opera and Chrome (Google Search)
http://www.securityfocus.com/archive/1/505092/100/0/threaded
http://websecurity.com.ua/3338/
Common Vulnerability Exposure (CVE) ID: CVE-2008-7245
Bugtraq: 20090908 Re: DoS vulnerability in Google Chrome (Google Search)
http://www.securityfocus.com/archive/1/506328/100/100/threaded
http://websecurity.com.ua/2456/
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6350
Common Vulnerability Exposure (CVE) ID: CVE-2009-3269
http://websecurity.com.ua/3194/
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6358

Copyright Copyright (C) 2009 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.0.900803
Kategorie:	Denial of Service
Titel:	Opera Unicode String Denial Of Service Vulnerability (Windows)
Zusammenfassung:	This host is installed with Opera and is prone to Denial of Service; vulnerability.
Beschreibung:	Summary: This host is installed with Opera and is prone to Denial of Service vulnerability. Vulnerability Insight: - Error caused by calling the 'window.print' function in a loop aka a 'printing DoS attack'. - CPU consumption issue exists when a series of automatic submissions of a form containing a KEYGEN element. - Error exists when application fails to handle user supplied input into the 'write' method via a long Unicode string argument. Vulnerability Impact: Successful exploitation lets the attacker cause memory or CPU consumption, resulting in Denial of Service condition. Affected Software/OS: Opera version 9.52 and prior on Windows. Solution: Upgrade to Opera Version 10 or later. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2009-2577 Bugtraq: 20090719 DoS vulnerabilities in Firefox, Internet Explorer, Opera and Chrome (Google Search) http://www.securityfocus.com/archive/1/505092/100/0/threaded http://websecurity.com.ua/3338/ Common Vulnerability Exposure (CVE) ID: CVE-2008-7245 Bugtraq: 20090908 Re: DoS vulnerability in Google Chrome (Google Search) http://www.securityfocus.com/archive/1/506328/100/100/threaded http://websecurity.com.ua/2456/ https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6350 Common Vulnerability Exposure (CVE) ID: CVE-2009-3269 http://websecurity.com.ua/3194/ https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6358
Copyright	Copyright (C) 2009 Greenbone Networks GmbH