CVE-2003-1397

Opera Browser 6.05 and 7.0 - Denial of Service via Long String in ShowDocument Method

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2003-1397. PoCs published by Marc Schoenefeld.

AI-analyzed exploit summary This is a non-runnable stub for CVE-2003-1397, demonstrating a DoS vulnerability in Opera's Java plugin via the 'opera.PluginContext' class. The code contains intentional syntax errors to prevent misuse.

Description

The PluginContext object of Opera 6.05 and 7.0 allows remote attackers to cause a denial of service (crash) via an HTTP request containing a long string that gets passed to the ShowDocument method.

Exploits (1)

exploitdb STUB VERIFIED
by Marc Schoenefeld · textdoswindows
https://www.exploit-db.com/exploits/22240

This is a non-runnable stub for CVE-2003-1397, demonstrating a DoS vulnerability in Opera's Java plugin via the 'opera.PluginContext' class. The code contains intentional syntax errors to prevent misuse.

Classification
Stub 80%
Attack Type
Dos
Complexity
Trivial
Reliability
Theoretical
Target: Opera (Windows, versions with Java support enabled)
No auth needed
Prerequisites: Java support enabled in Opera · Victim visits a malicious webpage hosting the applet
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Broken Link, Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/6814
Broken Link, Exploit, Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/311214
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/3255

Scores

EPSS 0.0612
EPSS Percentile 92.5%

Details

CWE
CWE-119
Status published
Products (3)
opera/opera_browser 6.05
opera/opera_browser 7.0 (4 CPE variants)
opera/opera_browser 7.01
Published Dec 31, 2003
Tracked Since Feb 18, 2026