Opera Web Browser Select Object Denial Of Service Vulnerability (Win) Network Vulnerability

Summary

The host is installed with Opera Web Browser and is prone to Select Object Denial of Service vulnerability.

Impact

Successful exploitation will let the attacker crash the browser leading to Denial of Service. Impact Level: Application

Solution

Upgrade to opera version 10 beta 1 or later, For updates refer to http://www.opera.com/download

Insight

This flaw is due to improper boundary check while passing data into the select() method and can be exploited by passing a large integer value resulting in memory exhaustion.

Affected

Opera version 9.64 and prior on Windows

References

http://www.g-sec.lu/one-bug-to-rule-them-all.html
http://www.securityfocus.com/archive/1/archive/1/504969/100/0/threaded
http://xforce.iss.net/xforce/xfdb/52874

Updated on 2017-03-28

Severity

Classification

CVE CVE-2009-1692, CVE-2009-2540

CVSS	Base Score: 7.1 AV:N/AC:M/Au:N/C:N/I:N/A:C

Related Vulnerabilities

Apache httpd Web Server Range Header Denial of Service Vulnerability
ClamAV 'find_stream_bounds()' PDF File Processing Denial Of Service Vulnerability
Apple iTunes Local Privilege Escalation Vulnerability
Adobe Flash Player/Air Multiple DoS Vulnerabilities - Aug09 (Linux)
Apple QuickTime Multiple Vulnerabilities - Jan09 (Win)

Take action and discover your vulnerabilities