Freely subscribe to our NEWSLETTER

– Gravity: 3/4
– Consequences: user access/rights, data reading
– Provenance: document
– Means of attack: no proof of concept, no attack
– Ability of attacker: expert (4/4)
– Confidence: confirmed by the editor (5/5)
– Diffusion of the vulnerable configuration: high (3/3)
– Creation date: 03/07/2008
– Identifier: VIGILANCE-VUL-7927

IMPACTED PRODUCTS

Opera [confidential versions]

DESCRIPTION

Two Opera vulnerabilities lead to code execution or to a memory
disclosure.

A vulnerability can be used to execute code on victim’s computer.
Its technical details are unknown. [grav:3/4]

The element, introducted in HTML 5, can be used by a
JavaScript code to draw in a web page. When some drawing methods
are used, memory fragments are inserted in the canvas zone. A
script can therefore read the canvas in order to obtain these
fragments. [grav:2/4]

CHARACTERISTICS

– Identifiers: VIGILANCE-VUL-7927
– Url: https://vigilance.aql.fr/tree/1/7927