Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2003-1387 — Classic Buffer Overflow in Browser

CWE-120 — Classic Buffer Overflow4 documents4 sources

Severity

7.5HIGHNVD

EPSS

10.6%

top 6.71%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Opera Browser

Timeline

PublishedDec 31

Latest updateApr 29

Description

Buffer overflow in Opera 6.05 and 6.06, and possibly other versions, allows remote attackers to execute arbitrary code via a URL with a long username.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

▶NVDopera/opera_browser6.05, 6.06, 7.0+2

Patches

Patch: www.securityfocus.com ↗Patch: www.securityfocus.com ↗

🔴Vulnerability Details

GHSA

GHSA-mxqp-2426-6mxr: Buffer overflow in Opera 6↗2022-04-29

▶

CVEList

CVE-2003-1387: Buffer overflow in Opera 6↗2007-10-19

▶

💥Exploits & PoCs

Exploit-DB

Opera 6.0/7.0 - 'Username' URI Warning Dialog Buffer Overflow↗2003-02-10

▶