What is CVE-2009-0914?

CVE-2009-0914 is a high-severity software vulnerability (CWE-399) with a CVSS score of 9.3. Opera before 9.64 allows remote attackers to execute arbitrary code via a crafted JPEG image that triggers memory corruption.

Is CVE-2009-0914 being actively exploited?

It is not currently in CISA's KEV catalog. Its EPSS exploitation probability is 5%.

What products does CVE-2009-0914 affect?

Tracked products affected include Opera. Check the version you run to see whether it is affected.

How do I fix CVE-2009-0914?

Apply the vendor fix promptly. Upgrade affected products to a fixed version.

← All products

CVE-2009-0914

HIGH severity · CVSS 9.3 · CWE-399

9.3CVSS HIGH

Summary

Opera before 9.64 allows remote attackers to execute arbitrary code via a crafted JPEG image that triggers memory corruption.

Impact & exploitability

Attack vectorNetwork

Attack complexity—

Privileges required—

User interaction—

Confidentiality impact—

Integrity impact—

Availability impact—

Exploit probability (EPSS)5%

AV:N/AC:M/Au:N/C:C/I:C/A:C

Affected products we track (1)

Opera

Recommendation

Apply the vendor fix promptly. Open any affected product above for its exact safe version.

Additional information

NVD record
http://secunia.com/advisories/34135Advisory
http://www.openwall.com/lists/oss-security/2009/03/07/1Advisory
http://www.opera.com/docs/changelogs/freebsd/964/Advisory
http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html
http://secunia.com/advisories/34294
http://secunia.com/advisories/34418
http://security.gentoo.org/glsa/glsa-200903-30.xml
http://securitytracker.com/id?1021782