Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2006-3353 β€” Improper Restriction of Operations within the Bounds of a Memory Buffer in Browser

CWE-119 β€” Improper Restriction of Operations within the Bounds of a Memory Buffer4 documents4 sources
Severity
5.0MEDIUMNVD
EPSS
11.0%
top 6.54%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Opera Browser
Timeline
PublishedJul 6
Latest updateMay 1

Description

Opera 9 allows remote attackers to cause a denial of service (crash) via a crafted web page that triggers an out-of-bounds memory access, related to an iframe and JavaScript that accesses certain style sheets properties.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages1 packages

β–ΆNVDopera/opera_browser< 9.01

πŸ”΄Vulnerability Details

2
GHSA
GHSA-prwp-gw4f-6fg4: Opera 9 allows remote attackers to cause a denial of service (crash) via a crafted web page that triggers an out-of-bounds memory access, related to a↗2022-05-01
β–Ά
CVEList
CVE-2006-3353: Opera 9 allows remote attackers to cause a denial of service (crash) via a crafted web page that triggers an out-of-bounds memory access, related to a↗2006-07-06
β–Ά

πŸ’₯Exploits & PoCs

1
Exploit-DB
Opera Web Browser 9.00 - 'iframe' Remote Denial of Service↗2006-07-01
β–Ά
CVE-2006-3353 β€” Opera Browser vulnerability | cvebase