Skip to main content

Opera Browser SVG Data Processing Remote Code Execution Vulnerability

Last Update Date: 17 Oct 2011 12:27 Release Date: 17 Oct 2011 5752 Views

RISK: High Risk

TYPE: Clients - Browsers

TYPE: Browsers

A vulnerability has been identified in Opera Browser, which can be exploited by malicious people to compromise a user's system.

 
The vulnerability is caused due to an error when processing SVG content nested within a frameset and can be exploited via a specially crafted web page.
 
Successful exploitation allows execution of arbitrary code.

Notes: Vendor supplied patch is currently unavailable.


Impact

  • Remote Code Execution

System / Technologies affected

  • Opera 11.x

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

  • Do not browse untrusted sites

Vulnerability Identifier

  • No CVE information is available

Source


Related Link