Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2003-0870Out-of-bounds Write in Browser

CWE-787Out-of-bounds Write4 documents4 sources
Severity
7.5HIGHNVD
EPSS
11.7%
top 6.31%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Opera Browser
Timeline
PublishedNov 17
Latest updateApr 29

Description

Heap-based buffer overflow in Opera 7.11 and 7.20 allows remote attackers to execute arbitrary code via an HREF with a large number of escaped characters in the server name.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

NVDopera/opera_browser7.11, 7.20+1

Patches

Patch: www.atstake.comPatch: www.securityfocus.comPatch: www.atstake.com

🔴Vulnerability Details

2
GHSA
GHSA-4mv7-62g7-98v4: Heap-based buffer overflow in Opera 72022-04-29
CVEList
CVE-2003-0870: Heap-based buffer overflow in Opera 72003-10-21

💥Exploits & PoCs

1
Exploit-DB
Opera 7.11/7.20 HREF - Malformed Server Name Heap Corruption2003-10-20
CVE-2003-0870 — Out-of-bounds Write in Opera Browser | cvebase