CVE-2009-3831
HIGH severity · CVSS 9.3 · Out-of-bounds write
9.3CVSS HIGH
Summary
Opera before 10.01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted domain name.
Impact & exploitability
Attack vectorNetwork
Attack complexity—
Privileges required—
User interaction—
Confidentiality impact—
Integrity impact—
Availability impact—
Exploit probability (EPSS)6%
AV:N/AC:M/Au:N/C:C/I:C/A:C
Affected products we track (1)
Recommendation
Apply the vendor fix promptly. Open any affected product above for its exact safe version.
Additional information
- NVD record
- http://www.opera.com/docs/changelogs/mac/1001/Advisory
- http://www.opera.com/docs/changelogs/unix/1001/Advisory
- http://www.opera.com/docs/changelogs/windows/1001/Advisory
- http://www.opera.com/support/kb/view/938/Advisory
- http://www.vupen.com/english/advisories/2009/3073Advisory
- http://secunia.com/advisories/37182
- http://www.osvdb.org/59357
- http://www.securityfocus.com/bid/36850Advisory