CVE-2005-4718

Opera Browser < 8.02 - Denial of Service via Crafted HTML Style Attributes

Title source: llm

Exploitation Summary

EIP tracks 2 public exploits for CVE-2005-4718. PoCs published by posidron.

AI-analyzed exploit summary This exploit targets a buffer overflow vulnerability in Opera 8.2 on Windows XP SP2. It uses a malformed HTML file with excessive 'A' and 'B' characters to trigger a crash, potentially leading to arbitrary code execution.

Description

Opera 8.02 and earlier allows remote attackers to cause a denial of service (client crash) via (1) a crafted HTML file with a "content: url(0);" style attribute, a "bodyA" tag, a long string, and a "u" tag with a long attribute, as demonstrated by opera.html; and (2) a BGSOUND element with a "margin:-99;" STYLE attribute.

Exploits (2)

exploitdb WORKING POC VERIFIED

by posidron · htmldoswindows

https://www.exploit-db.com/exploits/1255

View Code ZIP pw:eip

This exploit targets a buffer overflow vulnerability in Opera 8.2 on Windows XP SP2. It uses a malformed HTML file with excessive 'A' and 'B' characters to trigger a crash, potentially leading to arbitrary code execution.

Classification

Working Poc 90%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: Opera 8.2 on Windows XP SP2

No auth needed

Prerequisites: Victim must open the malicious HTML file in Opera 8.2

MITRE ATT&CK

T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 16, 2026 Full analysis →

exploitdb WORKING POC VERIFIED

by posidron · htmldosmultiple

https://www.exploit-db.com/exploits/1254

View Code ZIP pw:eip

This exploit targets a vulnerability in Opera 8.02 and below, leveraging malformed HTML tags to trigger a denial-of-service (DoS) condition. The PoC uses a combination of `<bdo>`, `<bgsound>`, and `<hr>` tags with invalid attributes to crash the browser.

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Opera 8.02 and below

No auth needed

Prerequisites: Victim must open the malicious HTML file in a vulnerable version of Opera

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3

Core References

Broken Link, Exploit, Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://securitytracker.com/id?1015067

Exploit x_refsource_misc

http://www.addict3d.org/index.php?page=viewarticle&type=security&ID=5055

Exploit x_refsource_misc

http://www.addict3d.org/index.php?page=viewarticle&type=security&ID=5054

Scores

EPSS 0.1024

EPSS Percentile 95.1%

Details

Status published

Products (1)

opera/opera_browser < 8.02

Published Dec 31, 2005

Tracked Since Feb 18, 2026