Vulnerability Details : CVE-2007-2809

Buffer overflow in the transfer manager in Opera before 9.21 for Windows allows user-assisted remote attackers to execute arbitrary code via a crafted torrent file. NOTE: due to the lack of details, it is not clear if this is the same issue as CVE-2007-2274.

Vulnerability category: OverflowExecute code

Published 2007-05-22 19:30:00

Updated 2022-02-26 04:01:09

Source MITRE

View at NVD, CVE.org

Exploit prediction scoring system (EPSS) score for CVE-2007-2809

Probability of exploitation activity in the next 30 days: 9.80%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 94 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2007-2809

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Source
9.3	HIGH	AV:N/AC:M/Au:N/C:C/I:C/A:C	8.6	10.0	[email protected]
Access Vector: Network Access Complexity: Medium Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete

CWE ids for CVE-2007-2809

CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

Assigned by: [email protected] (Primary)

References for CVE-2007-2809

http://www.securityfocus.com/bid/24080

Broken Link;Third Party Advisory;VDB Entry
http://www.opera.com/support/search/view/860/

Broken Link
https://exchange.xforce.ibmcloud.com/vulnerabilities/34470

Third Party Advisory;VDB Entry
http://securitytracker.com/id?1018089

Broken Link;Third Party Advisory;VDB Entry
http://isc.sans.org/diary.html?storyid=2823

Patch;Third Party Advisory
http://www.vupen.com/english/advisories/2007/1888

Broken Link

Products affected by CVE-2007-2809

Opera » Opera Browser
Versions before (<) 9.21
cpe:2.3:a:opera:opera_browser:*:*:*:*:*:*:*:*
Matching versions