Vulnerabilities > CVE-2003-0870 - Out-of-bounds Write vulnerability in Opera Browser 7.11/7.20
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Heap-based buffer overflow in Opera 7.11 and 7.20 allows remote attackers to execute arbitrary code via an HREF with a large number of escaped characters in the server name.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 2 |
Common Weakness Enumeration (CWE)
Exploit-Db
| description | Opera 7.11/7.20 HREF Malformed Server Name Heap Corruption Vulnerability. CVE-2003-0870. Dos exploits for multiple platform |
| id | EDB-ID:23263 |
| last seen | 2016-02-02 |
| modified | 2003-10-20 |
| published | 2003-10-20 |
| reporter | @stake |
| source | https://www.exploit-db.com/download/23263/ |
| title | Opera 7.11/7.20 HREF Malformed Server Name Heap Corruption Vulnerability |
Nessus
| NASL family | Windows |
| NASL id | OPERA_HREF_OVERFLOW.NASL |
| description | The installed version of Opera on the remote host is vulnerable to a buffer overflow in the code that parses HREF tags in the server. To exploit them, an attacker would need to set up a rogue website, then lure a user of this host to visit the site using Opera. The attacker would then be able to execute arbitrary code on this host. |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 11900 |
| published | 2003-10-20 |
| reporter | This script is Copyright (C) 2003-2018 Tenable Network Security, Inc. |
| source | https://www.tenable.com/plugins/nessus/11900 |
| title | Opera < 7.21 HREF Escaped Character Overflow |