CVE-2008-1761
Opera < 9.27 - Remote Code Execution via Crafted Newsfeed Source
Title source: llmDescription
Opera before 9.27 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted newsfeed source, which triggers an invalid memory access.
References (10)
Core 10
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/41625
Exploit, Patch vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/28585
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/29679
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/29735
Mailing List vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00007.html
Patch x_refsource_confirm
http://www.opera.com/docs/changelogs/linux/927/
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/29662
Vendor Advisory x_refsource_confirm
http://www.opera.com/support/search/view/881/
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2008/1084/references
Third Party Advisory vendor-advisory
x_refsource_gentoo
http://security.gentoo.org/glsa/glsa-200804-14.xml
Scores
EPSS
0.0861
EPSS Percentile
92.5%
Details
CWE
CWE-399
Status
published
Products (9)
opera/opera
9.02
opera/opera
9.10
opera/opera
9.20
opera/opera
9.21
opera/opera
9.22
opera/opera
9.23
opera/opera
9.24
opera/opera
9.25
opera/opera
< 9.26
Published
Apr 12, 2008
Tracked Since
Feb 18, 2026