Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-0127

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2007-0127
Last Modified 07 Mar 2011 12:00:00
Published 08 Jan 2007 09:28:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2007-0127

Summary

The Javascript SVG support in Opera before 9.10 does not properly validate object types in a createSVGTransformFromMatrix request, which allows remote attackers to execute arbitrary code via JavaScript code that uses an invalid object in this request that causes a controlled pointer to be referenced during the virtual function call.

Vulnerable Systems

Application

  • Opera Browser 1.00

  • Opera Browser 2.00

  • Opera Browser 2.10

  • Opera Browser 2.12

  • Opera Browser 3.00

  • Opera Browser 3.10

  • Opera Browser 3.21

  • Opera Browser 3.50

  • Opera Browser 3.51

  • Opera Browser 3.60

  • Opera Browser 3.61

  • Opera Browser 3.62

  • Opera Browser 4.00

  • Opera Browser 4.01

  • Opera Browser 4.02

  • Opera Browser 5.0

  • Opera Browser 5.02

  • Opera Browser 5.10

  • Opera Browser 5.11

  • Opera Browser 5.12

  • Opera Browser 6.0

  • Opera Browser 6.01

  • Opera Browser 6.02

  • Opera Browser 6.03

  • Opera Browser 6.04

  • Opera Browser 6.05

  • Opera Browser 6.06

  • Opera Browser 6.1

  • Opera Browser 6.11

  • Opera Browser 6.12

  • Opera Browser 7.0

  • Opera Browser 7.01

  • Opera Browser 7.02

  • Opera Browser 7.03

  • Opera Browser 7.10

  • Opera Browser 7.11

  • Opera Browser 7.20

  • Opera Browser 7.21

  • Opera Browser 7.22

  • Opera Browser 7.23

  • Opera Browser 7.50

  • Opera Browser 7.51

  • Opera Browser 7.52

  • Opera Browser 7.53

  • Opera Browser 7.54

  • Opera Browser 7.60

  • Opera Browser 8.0

  • Opera Browser 8.01

  • Opera Browser 8.02

  • Opera Browser 8.50

  • Opera Browser 8.51

  • Opera Browser 8.52

  • Opera Browser 8.53

  • Opera Browser 8.54

  • Opera Browser 9.0

  • Opera Browser 9.01

  • Opera Browser 9.02

  • Opera Software Opera 9.0

  • Opera Software Opera 9.01

  • Opera Software Opera 9.02


References

SECUNIA - 23613

IDEFENSE - 20070105 Opera Software Opera Web Browser createSVGTransformFromMatrix Object Typecasting Vulnerability

VUPEN - ADV-2007-0060

CONFIRM - http://www.opera.com/support/search/supsearch.dml?index=851

GENTOO - GLSA-200701-08

SECTRACK - 1017473

SECUNIA - 23771

SECUNIA - 23739

OSVDB - 31575

SUSE - SUSE-SA:2007:009


Last Updated: 27 May 2016 10:56:30