CVE-2006-3199

Opera 9 - Denial of Service via Long Hostname in A Tag href Attribute

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2006-3199. PoCs published by N9.

AI-analyzed exploit summary This exploit demonstrates a DoS vulnerability in Opera 9 by using an excessively long string in an href attribute, causing an out-of-bounds memory access. The PoC is a simple HTML file with a maliciously crafted link.

Description

Opera 9 allows remote attackers to cause a denial of service (crash) via an A tag with an href attribute with a URL containing a long hostname, which triggers an out-of-bounds operation.

Exploits (1)

exploitdb WORKING POC VERIFIED

by N9 · htmldosmultiple

https://www.exploit-db.com/exploits/1937

View Code ZIP pw:eip

This exploit demonstrates a DoS vulnerability in Opera 9 by using an excessively long string in an href attribute, causing an out-of-bounds memory access. The PoC is a simple HTML file with a maliciously crafted link.

Classification

Working Poc 90%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Opera 9

No auth needed

Prerequisites: Victim must open the malicious HTML file in Opera 9

MITRE ATT&CK