CVE-2007-0127

 

Published at: - 09-01-2007 03:28

Last modified: - 06-10-2022 02:13

Total changes: - 2

Description

The Javascript SVG support in Opera before 9.10 does not properly validate object types in a createSVGTransformFromMatrix request, which allows remote attackers to execute arbitrary code via JavaScript code that uses an invalid object in this request that causes a controlled pointer to be referenced during the virtual function call.

Common Vulnerability Scoring System (CVSS)

AV:N/AC:M/Au:N/C:C/I:C/A:C

 

Verification logic

 

Reference

• 20070105 Opera Software Opera Web Browser createSVGTransformFromMatrix Object Typecasting Vulnerability-Patch, Vendor Advisory
• http://www.opera.com/support/search/supsearch.dml?index=851
• 23613-Patch, Vendor Advisory
• 1017473-
• GLSA-200701-08-
• SUSE-SA:2007:009-
• 23739-Vendor Advisory
• 23771-Vendor Advisory
• 31575-
• ADV-2007-0060-

 

Keywords

NVD

 

CVE-2007-0127

 

CVE

 

Common vulnerabilities & exposures

 

CVSS

 

Common vulnerability scoring system

 

Security

 

Vulnerabilities

 

Exposures