Opera Web Browser URL Redirection Remote Code Execution Vulnerability

Vulnerability ID: 1116360    Vulnerability type: Post link
Published: 2008-10-08    Updated: 2008-11-04
CVE number: CVE-2008-4694    CNNVD ID: CNNVD-200810-407
Vulnerability platform: PHP    CVSS score: 9.3
|Vulnerability sources
https://www.exploit-db.com/exploits/32467
https://www.securityfocus.com/bid/31631
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200810-407
|Vulnerability details
Opera contains an unspecified vulnerability: a remote attacker can use a redirect instruction in a specially crafted URL to cause a denial of service (application crash) or execute arbitrary code.
|Vulnerability EXP
source: http://www.securityfocus.com/bid/31631/info

Opera Web Browser is prone to a remote code-execution vulnerability.

Successfully exploiting this issue will allow attackers to execute arbitrary code within the context of the affected application or cause a denial-of-service condition.

NOTE: The security-bypass issue has been reassigned to BID 31643 (Opera Cached Java Applet Privilege Escalation Vulnerability).

Versions prior to Opera 9.60 are vulnerable. 

http://BBB...BBB:password@example.com
|Affected products
S.u.S.E. openSUSE 11.0
S.u.S.E. openSUSE 10.3
S.u.S.E. openSUSE 10.2
Opera Software Opera Web Browser 8.51
Opera Software Opera Web Browser 8.50
Opera Software Opera Web
|References

Source: XF
Name: opera-redirect-code-execution(45722)
Link: http://xforce.iss.net/xforce/xfdb/45722
Source: BID
Name: 31631
Link: http://www.securityfocus.com/bid/31631
Source: www.opera.com
Link: http://www.opera.com/support/search/view/901/
Source: www.opera.com
Link: http://www.opera.com/docs/changelogs/windows/960/
Source: www.opera.com
Link: http://www.opera.com/docs/changelogs/solaris/960/
Source: www.opera.com
Link: http://www.opera.com/docs/changelogs/mac/960/
Source: www.opera.com
Link: http://www.opera.com/docs/changelogs/linux/960/
Source: www.opera.com
Link: http://www.opera.com/docs/changelogs/freebsd/960/
Source: MLIST
Name: [oss-security] 20081022 Re: CVE Request: Opera 9.60 with security fixes
Link: http://www.openwall.com/lists/oss-security/2008/10/22/5
Source: MLIST
Name: [oss-security] 20081021 CVE Request: Opera 9.60 with security fixes
Link: http://www.openwall.com/lists/oss-security/2008/10/21/5
Source: VUPEN
Name: ADV-2008-2765
Link: http://www.frsirt.com/english/advisories/2008/2765
Source: SECTRACK
Name: 1021016
Link: http://securitytracker.com/id?1021016
Source: GENTOO
Name: GLSA-200811-01
Link: ht