Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2003-1396Out-of-bounds Write in Browser

CWE-787Out-of-bounds Write4 documents4 sources
Severity
6.8MEDIUMNVD
EPSS
15.6%
top 5.29%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Opera Browser
Timeline
PublishedDec 31
Latest updateApr 29

Description

Heap-based buffer overflow in Opera 6.05 through 7.10 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a filename with a long extension.

CVSS vector

AV:N/AC:M/C:P/I:P/A:PExploitability: 8.6 | Impact: 6.4

Affected Packages1 packages

NVDopera/opera_browser6.07.10

Patches

Patch: www.securityfocus.comPatch: www.securityfocus.com

🔴Vulnerability Details

2
GHSA
GHSA-fp9g-8p62-5fqm: Heap-based buffer overflow in Opera 62022-04-29
CVEList
CVE-2003-1396: Heap-based buffer overflow in Opera 62007-10-19

💥Exploits & PoCs

1
Exploit-DB
Opera 6.0.x/7.0 - Long File Name Remote Heap Corruption2003-04-28
CVE-2003-1396 — Out-of-bounds Write in Opera Browser | cvebase