CVE-2007-4944
published 2007-09-18CVE-2007-4944: The canvas.createPattern function in Opera 9.x before 9.22 for Linux, FreeBSD, and Solaris does not clear memory before using it to process a new pattern…
PriorityP418medium5CVSS 2.0
AVNACLAuNCPINAN
EPSS
2.14%
79.8th percentile
The canvas.createPattern function in Opera 9.x before 9.22 for Linux, FreeBSD, and Solaris does not clear memory before using it to process a new pattern, which allows remote attackers to obtain sensitive information (memory contents) via JavaScript.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| opera | opera_browser | — | — |
| opera | opera_browser | — | — |
| opera | opera_browser | — | — |
| opera | opera_browser | — | — |
| opera | opera_browser | — | — |
| opera | opera_browser | — | — |
| opera | opera_browser | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://osvdb.org/45946http://security.gentoo.org/glsa/glsa-200708-17.xmlhttp://www.opera.com/docs/changelogs/freebsd/922/http://www.opera.com/docs/changelogs/linux/922/http://www.opera.com/docs/changelogs/solaris/922/http://www.opera.com/support/search/view/861/http://osvdb.org/45946http://security.gentoo.org/glsa/glsa-200708-17.xmlhttp://www.opera.com/docs/changelogs/freebsd/922/http://www.opera.com/docs/changelogs/linux/922/http://www.opera.com/docs/changelogs/solaris/922/http://www.opera.com/support/search/view/861/
2007-09-18
Published