|
|
CVE Reference: CVE-2007-0127 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2007-0127 |
|
|
Description: The Javascript SVG support in Opera before 9.10 does not properly validate object types in a createSVGTransformFromMatrix request, which allows remote attackers to execute arbitrary code via JavaScript code that uses an invalid object in this request that causes a controlled pointer to be referenced during the virtual function call. |
|
|
CVE Status: Candidate |
|
|
References: SUSE http://lists.suse.com/archive/suse-security-announce/2007-Jan/0009.html ST 1017473 SAID Secunia Advisory: SA23613 Secunia Advisory: SA23739 Secunia Advisory: SA23771 OSVDB 31575 IDEFENSE http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=458 GENTOO http://www.gentoo.org/security/en/glsa/glsa-200701-08.xml CONFIRM http://www.opera.com/support/search/supsearch.dml?index=851 |
|
| Return to the previous page. |
