Opera URL Processing Arbitrary Code Execution Vulnerability (Linux) Network Vulnerability

Summary

The host is installed with Opera and is prone to code execution vulnerability.

Impact

Successful exploitation will allow remote attackers to execute arbitrary code or cause a denial of service. Impact Level: System/Application

Solution

Upgrade to Opera version 11.64 or later, For updates refer to http://www.opera.com/

Insight

The flaw is due to improper allocation of memory for URL strings, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted string.

Affected

Opera version prior to 11.64 on Linux

References

http://securitytracker.com/id/1027066
http://www.opera.com/docs/changelogs/unix/1164/
http://www.opera.com/support/kb/view/1016/

Updated on 2015-03-25

Severity

Classification

CVE CVE-2012-3561
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

ClamAV 'find_stream_bounds()' PDF File Processing Denial Of Service Vulnerability
Apple QuickTime Multiple Denial Of Service Vulnerabilities (Win)
Firefox XSL Parsing Vulnerability (Win)
Adobe Flash Player/Air Multiple Vulnerabilities - August10 (Win)
FreeSSHd Remote Denial of Service Vulnerability

Take action and discover your vulnerabilities