Vulnerability Details : CVE-2010-1349
Potential exploit
Integer overflow in Opera 10.10 through 10.50 allows remote attackers to execute arbitrary code via a large Content-Length value, which triggers a heap overflow.
Vulnerability category: Overflow, Execute code
Products affected by CVE-2010-1349
- cpe:2.3:a:opera:opera_browser:10.50:*:*:*:*:*:*:*
- cpe:2.3:a:opera:opera_browser:10.10:*:*:*:*:*:*:*
- cpe:2.3:a:opera:opera_browser:10.50:beta_2:*:*:*:*:*:*
- cpe:2.3:a:opera:opera_browser:10.50:beta_1:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2010-1349
52.75%: probability of exploitation activity in the next 30 days
~98%: percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2010-1349
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
10.0 | HIGH | AV:N/AC:L/Au:N/C:C/I:C/A:C | 10.0 | 10.0 | NIST | |
CWE ids for CVE-2010-1349
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2010-1349
- http://www.exploit-db.com/exploits/11622
  Opera 10.50 - integer Overflow - Windows dos Exploit [Exploit]
- http://www.securityfocus.com/bid/38519
  Opera Web Browser 'Content-Length' Header Integer Overflow Vulnerability [Exploit; Patch]
- https://exchange.xforce.ibmcloud.com/vulnerabilities/56673
  Opera Content-Length header buffer overflow CVE-2010-1349 Vulnerability Report
- http://www.vupen.com/english/advisories/2010/0529
  Webmail | OVH- OVH [Patch; Vendor Advisory]
- http://my.opera.com/securitygroup/blog/2010/03/09/the-malformed-content-length-header-security-issue
  The Opera Blog - News | Opera [Vendor Advisory]
- http://osvdb.org/62714
- http://www.opera.com/support/kb/view/948/
  Welcome - Opera Security Corner [Vendor Advisory]
- http://secunia.com/advisories/38820
  Sign in [Vendor Advisory]
- http://www.securitytracker.com/id?1023690
  Opera Integer Overflow in Processing HTTP 'Content-Length' Reponses Lets Remote Users Execute Arbitrary Code - SecurityTracker