ID CVE-2007-4367
Summary Opera before 9.23 allows remote attackers to execute arbitrary code via crafted Javascript that triggers a "virtual function call on an invalid pointer."
References
Vulnerable Configurations
  • cpe:2.3:a:opera_software:opera_web_browser:9
    cpe:2.3:a:opera_software:opera_web_browser:9
  • cpe:2.3:a:opera_software:opera_web_browser:9.01
    cpe:2.3:a:opera_software:opera_web_browser:9.01
  • cpe:2.3:a:opera_software:opera_web_browser:9.02
    cpe:2.3:a:opera_software:opera_web_browser:9.02
  • cpe:2.3:a:opera_software:opera_web_browser:9.10
    cpe:2.3:a:opera_software:opera_web_browser:9.10
  • cpe:2.3:a:opera_software:opera_web_browser:9.20
    cpe:2.3:a:opera_software:opera_web_browser:9.20
  • cpe:2.3:a:opera_software:opera_web_browser:9.21
    cpe:2.3:a:opera_software:opera_web_browser:9.21
  • cpe:2.3:a:opera_software:opera_web_browser:9.22
    cpe:2.3:a:opera_software:opera_web_browser:9.22
CVSS
Base: 9.3 (as of 16-08-2007 - 04:30)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
nessus via4
  • NASL family SuSE Local Security Checks
    NASL id SUSE_OPERA-4172.NASL
    description This update of opera fixes a security vulnerabilities that allowed the execution of arbitrary code by using JavaScript. (CVE-2007-4367)
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 27378
    published 2007-10-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=27378
    title openSUSE 10 Security Update : opera (opera-4172)
  • NASL family Windows
    NASL id OPERA_923.NASL
    description The version of Opera installed on the remote host reportedly allows for execution of arbitrary code via specially crafted JavaScript if a user can be tricked into visiting a malicious site.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 25900
    published 2007-08-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=25900
    title Opera < 9.23 Crafted Javascript Arbitrary Code Execution
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-200708-17.NASL
    description The remote host is affected by the vulnerability described in GLSA-200708-17 (Opera: Multiple vulnerabilities) An error known as 'a virtual function call on an invalid pointer' has been discovered in the JavaScript engine (CVE-2007-4367). Furthermore, iDefense Labs reported that an already-freed pointer may be still used under unspecified circumstances in the BitTorrent support (CVE-2007-3929). At last, minor other errors have been discovered, relative to memory read protection (Opera Advisory 861) and URI displays (CVE-2007-3142, CVE-2007-3819). Impact : A remote attacker could trigger the BitTorrent vulnerability by enticing a user into starting a malicious BitTorrent download, and execute arbitrary code through unspecified vectors. Additionally, a specially crafted JavaScript may trigger the 'virtual function' vulnerability. The JavaScript engine can also access previously freed but uncleaned memory. Finally, a user can be fooled with a too long HTTP server name that does not fit the dialog box, or a URI containing whitespaces. Workaround : There is no known workaround at this time for all these vulnerabilities.
    last seen 2019-02-21
    modified 2018-12-18
    plugin id 26040
    published 2007-09-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=26040
    title GLSA-200708-17 : Opera: Multiple vulnerabilities
refmap via4
bid 25331
confirm http://www.opera.com/support/search/view/865/
gentoo GLSA-200708-17
sectrack 1018572
secunia
  • 26477
  • 26545
  • 26635
suse SUSE-SA:2007:050
vupen ADV-2007-2904
xf opera-javascript-code-execution(36039)
Last major update 07-03-2011 - 21:58
Published 15-08-2007 - 19:17
Last modified 28-07-2017 - 21:32
Back to Top