Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2011-1824

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2011-1824
Last Modified 21 Sep 2011 11:30:57
Published 10 May 2011 02:55:01
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2011-1824

Summary

The VEGAOpBitmap::AddLine function in Opera before 10.61 does not properly initialize memory during processing of the SIZE attribute of a SELECT element, which allows remote attackers to trigger an invalid memory write operation, and consequently cause a denial of service (application crash) or possibly execute arbitrary code, via a large integer attribute value.

Vulnerable Systems

Application

  • Opera Browser 10.00

  • Opera Browser 10.01

  • Opera Browser 10.10

  • Opera Browser 10.50

  • Opera Browser 10.51

  • Opera Browser 10.52

  • Opera Browser 10.53

  • Opera Browser 10.54

  • Opera Browser 10.60

  • Opera Browser 5.0

  • Opera Browser 5.02

  • Opera Browser 5.10

  • Opera Browser 5.11

  • Opera Browser 5.12

  • Opera Browser 6.0

  • Opera Browser 6.01

  • Opera Browser 6.02

  • Opera Browser 6.03

  • Opera Browser 6.04

  • Opera Browser 6.05

  • Opera Browser 6.06

  • Opera Browser 6.1

  • Opera Browser 6.11

  • Opera Browser 6.12

  • Opera Browser 7.0

  • Opera Browser 7.01

  • Opera Browser 7.02

  • Opera Browser 7.03

  • Opera Browser 7.10

  • Opera Browser 7.11

  • Opera Browser 7.20

  • Opera Browser 7.21

  • Opera Browser 7.22

  • Opera Browser 7.23

  • Opera Browser 7.50

  • Opera Browser 7.51

  • Opera Browser 7.52

  • Opera Browser 7.53

  • Opera Browser 7.54

  • Opera Browser 7.60

  • Opera Browser 8.0

  • Opera Browser 8.01

  • Opera Browser 8.02

  • Opera Browser 8.50

  • Opera Browser 8.51

  • Opera Browser 8.52

  • Opera Browser 8.53

  • Opera Browser 8.54

  • Opera Browser 9.0

  • Opera Browser 9.01

  • Opera Browser 9.02

  • Opera Browser 9.10

  • Opera Browser 9.12

  • Opera Browser 9.20

  • Opera Browser 9.21

  • Opera Browser 9.22

  • Opera Browser 9.23

  • Opera Browser 9.24

  • Opera Browser 9.25

  • Opera Browser 9.26

  • Opera Browser 9.27

  • Opera Browser 9.50

  • Opera Browser 9.51

  • Opera Browser 9.52

  • Opera Browser 9.60

  • Opera Browser 9.61

  • Opera Browser 9.62

  • Opera Browser 9.63

  • Opera Browser 9.64


References

XF - opera-select-dos(67338)

MISC - http://www.toucan-system.com/advisories/tssa-2011-02.txt

BID - 47764

BUGTRAQ - 20110509 TSSA-2011-02 - Opera : SELECT SIZE Arbitrary null write

MISC - http://www.opera.com/docs/changelogs/windows/1061/

MISC - http://www.opera.com/docs/changelogs/unix/1061/

MISC - http://www.opera.com/docs/changelogs/mac/1061/

SREASON - 8244


Last Updated: 27 May 2016 10:56:49