Opera URL Processing Arbitrary Code Execution Vulnerability (Linux) Network Vulnerability

Summary

The host is installed with Opera and is prone to code execution vulnerability.

Impact

Successful exploitation will allow remote attackers to execute arbitrary code or cause a denial of service. Impact Level: System/Application

Solution

Upgrade to Opera version 11.64 or later, For updates refer to http://www.opera.com/

Insight

The flaw is due to improper allocation of memory for URL strings, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted string.

Affected

Opera version prior to 11.64 on Linux

References

http://securitytracker.com/id/1027066
http://www.opera.com/docs/changelogs/unix/1164/
http://www.opera.com/support/kb/view/1016/

Updated on 2015-03-25

Severity

Classification

CVE CVE-2012-3561

CVSS	Base Score: 10.0 AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Adobe Reader '.ETD File' Denial of Service Vulnerability (Mac OS X)
Google Chrome Multiple Denial of Service Vulnerabilities - January12 (Windows)
Avaya IP Office Manager TFTP Denial of Service Vulnerability
Check for RealServer DoS
GoodTech SSH Server SFTP Multiple BOF Vulnerabilities

Take action and discover your vulnerabilities