HTTP: Opera Browser Document Writing Uninitialized Memory Access
This signature detects attempts to exploit a known uninitialized memory access vulnerability in Opera Web browser. It is due to an error while handling asynchronous modifications to an HTML document. A remote attacker can exploit this issue by enticing a target user to open a specifically crafted Web page. Successful exploitation can result in execution of arbitrary code within the security context of the currently logged on user. An unsuccessful exploit attempt can abnormally terminate the affected application.
Extended Description
Opera Web Browser is prone to a remote code-execution vulnerability. Attackers can exploit this issue to execute arbitrary code or crash the affected application. Versions prior to Opera 10.53 for Windows and Mac OS are vulnerable.
Affected Products
Opera_software opera_web_browser
Short Name
HTTP:STC:OPERA:DOCUMENT-WRITE
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
Access Browser CVE-2010-1728 Document Memory Opera Uninitialized Writing bid:39855
Release Date
10/12/2010
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3601
False Positive
Unknown
Vendors
Opera_software
CVSS Score
9.3