Vulnerabilities > CVE-2003-0870 - Out-of-bounds Write vulnerability in Opera Browser 7.11/7.20
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
Heap-based buffer overflow in Opera 7.11 and 7.20 allows remote attackers to execute arbitrary code via an HREF with a large number of escaped characters in the server name.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 2 |
Common Weakness Enumeration (CWE)
Exploit-Db
description | Opera 7.11/7.20 HREF Malformed Server Name Heap Corruption Vulnerability. CVE-2003-0870. Dos exploits for multiple platform |
id | EDB-ID:23263 |
last seen | 2016-02-02 |
modified | 2003-10-20 |
published | 2003-10-20 |
reporter | @stake |
source | https://www.exploit-db.com/download/23263/ |
title | Opera 7.11/7.20 HREF Malformed Server Name Heap Corruption Vulnerability |
Nessus
NASL family | Windows |
NASL id | OPERA_HREF_OVERFLOW.NASL |
description | The installed version of Opera on the remote host is vulnerable to a buffer overflow in the code that parses HREF tags in the server. To exploit them, an attacker would need to set up a rogue website, then lure a user of this host to visit the site using Opera. The attacker would then be able to execute arbitrary code on this host. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 11900 |
published | 2003-10-20 |
reporter | This script is Copyright (C) 2003-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/11900 |
title | Opera < 7.21 HREF Escaped Character Overflow |