Summary
The host is installed with Opera and is prone to multiple denial of service vulnerabilities.
Impact
Successful exploitation will let the attacker crash the browser leading to denial of service.
Impact Level: Application
Solution
Upgrade to Opera version 12.00 Beta or later,
For updates refer to http://www.opera.com/
Insight
- A denial of service via crafted characters in domain names.
- A denial of service (application crash) via crafted WebGL content.
- A denial of service (memory consumption or application hang) via an IFRAME element that uses the src='#' syntax to embed a parent document.
- A denial of service (application hang) via JavaScript code that changes a form before submission.
- A denial of service (application hang) via an absolutely positioned wrap=off TEXTAREA element located next to an 'overflow: auto' block element.
- A denial of service (application crash) via a web page that contains invalid character encodings.
- A denial of service (application crash) via a crafted web page that is not properly handled during a reload.
Affected
Opera version prior to 12.00 Beta on Windows
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2012-3562, CVE-2012-3563, CVE-2012-3564, CVE-2012-3565, CVE-2012-3566, CVE-2012-3567, CVE-2012-3568 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P
Related Vulnerabilities
- CUPS 'scheduler/select.c' Denial Of Service Vulnerability
- EtherApe RPC Packet Processing Denial of Service Vulnerability
- ClamAV Recursion Level Handling Denial of Service Vulnerability (Windows)
- Comodo Internet Security Denial of Service Vulnerability-01
- Eggdrop 'ctcpbuf' Remote Denial Of Service Vulnerability