Opera file URI buffer overflow

Added: 01/13/2009
CVE: CVE-2008-5178
BID: 32323
OSVDB: 49882

Background

Opera is a web browser which is available for multiple platforms.

Problem

A buffer overflow vulnerability allows command execution when a user opens a long, specially crafted file:// URI.

Resolution

Upgrade to Opera 9.63 or higher.

References

http://secunia.com/advisories/34294

Limitations

Exploit works on Opera 9.62 and requires a user to load the exploit page in Opera.

Due to the nature of the vulnerability, the success of the exploit may depend on the target's memory state.

Platforms

Windows XP

Back to exploit index