Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2010-1349 — Browser vulnerability

CWE-1895 documents5 sources

Severity

10.0CRITICALNVD

EPSS

41.8%

top 2.57%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Opera Browser

Timeline

PublishedApr 12

Latest updateMay 2

Description

Integer overflow in Opera 10.10 through 10.50 allows remote attackers to execute arbitrary code via a large Content-Length value, which triggers a heap overflow.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

▶NVDopera/opera_browser10.10, 10.50+1

Patches

Patch: www.securityfocus.com ↗Patch: www.vupen.com ↗Patch: www.securityfocus.com ↗

🔴Vulnerability Details

GHSA

GHSA-2j2j-55cj-9v64: Integer overflow in Opera 10↗2022-05-02

▶

CVEList

CVE-2010-1349: Integer overflow in Opera 10↗2010-04-12

▶

💥Exploits & PoCs

Exploit-DB

Opera 10.50 - integer Overflow↗2010-03-03

▶

💬Community

Bugzilla

CVE-2007-1349 mod_perl PerlRun denial of service↗2007-05-17

▶