Opera Web Browser Select Object Denial Of Service Vulnerability (Win) Network Vulnerability

Summary

The host is installed with Opera Web Browser and is prone to Select Object Denial of Service vulnerability.

Impact

Successful exploitation will let the attacker crash the browser leading to Denial of Service. Impact Level: Application

Solution

Upgrade to opera version 10 beta 1 or later, For updates refer to http://www.opera.com/download

Insight

This flaw is due to improper boundary check while passing data into the select() method and can be exploited by passing a large integer value resulting in memory exhaustion.

Affected

Opera version 9.64 and prior on Windows

References

http://www.g-sec.lu/one-bug-to-rule-them-all.html
http://www.securityfocus.com/archive/1/archive/1/504969/100/0/threaded
http://xforce.iss.net/xforce/xfdb/52874

Updated on 2017-03-28

Severity

Classification

CVE CVE-2009-1692, CVE-2009-2540
CVSS Base Score: 7.1
AV:N/AC:M/Au:N/C:N/I:N/A:C

Related Vulnerabilities

freeSSHd SFTP 'rename' and 'realpath' Remote DoS Vulnerability
EMC NetWorker 'nsrexecd' RPC Packet Denial of Service Vulnerability
CA Multiple Products 'arclib' Component DoS Vulnerability (Win)
Adobe Flash Media Server Memory Corruption Remote Denial of Service Vulnerability
CUPS Subscription Incorrectly uses Guest Account DoS Vulnerability

Take action and discover your vulnerabilities