CVE-2006-6955 — Improper Input Validation in Browser

CWE-20 — Improper Input Validation6 documents3 sources

Severity

9.3CRITICALNVD

NVD4.3CNA5.0CNA4.3

EPSS

0.8%

top 25.91%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Opera Browser

Timeline

PublishedJan 29

Latest updateMay 14

Description

Opera allows remote attackers to cause a denial of service (application crash) via a web page that contains a large number of nested marquee tags, a related issue to CVE-2006-2723.

CVSS vector

AV:N/AC:M/C:N/I:N/A:PExploitability: 8.6 | Impact: 2.9

Affected Packages1 packages

▶NVDopera/opera_browser10.52+67

🔴Vulnerability Details

GHSA

GHSA-9m6g-cc2f-9f4h: Opera before 10↗2022-05-14

▶

GHSA

GHSA-8f62-2qv6-4x72: Opera allows remote attackers to cause a denial of service (application crash) via a web page that contains a large number of nested marquee tags, a r↗2022-05-01

▶

CVEList

CVE-2010-1728: Opera before 10↗2010-05-05

▶

CVEList

CVE-2006-6955: Opera allows remote attackers to cause a denial of service (application crash) via a web page that contains a large number of nested marquee tags, a r↗2007-01-29

▶