CVE-2010-1349
HIGH severity · CVSS 10 · CWE-189
Summary
Integer overflow in Opera 10.10 through 10.50 allows remote attackers to execute arbitrary code via a large Content-Length value, which triggers a heap overflow.
Impact & exploitability
Attack vector: Network
Attack complexity: Low
Privileges required: —
User interaction: —
Confidentiality impact: —
Integrity impact: —
Availability impact: —
Exploit probability (EPSS): 20%
AV:N/AC:L/Au:N/C:C/I:C/A:C
Affected products we track (1)
Recommendation
Apply the vendor fix promptly. Open any affected product above for its exact safe version.
Official patch: http://www.securityfocus.com/bid/38519
Additional information
- NVD record
- http://www.securityfocus.com/bid/38519 (Patch)
- http://www.vupen.com/english/advisories/2010/0529 (Patch)
- http://my.opera.com/securitygroup/blog/2010/03/09/the-malformed-content-length-header-security-issue (Advisory)
- http://secunia.com/advisories/38820 (Advisory)
- http://www.opera.com/support/kb/view/948/ (Advisory)
- http://osvdb.org/62714
- http://www.securitytracker.com/id?1023690
- http://www.exploit-db.com/exploits/11622 (Exploit)