CVE-2008-5680

Opera < 9.63 - Remote Code Execution via Crafted Text Area

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-5680. PoCs published by Guido Landi.

AI-analyzed exploit summary This exploit targets a buffer overflow vulnerability in Opera 9.62 on Windows XP SP3. It uses a long string to overwrite memory and executes shellcode to launch calc.exe via a heap spray technique.

Description

Multiple buffer overflows in Opera before 9.63 might allow (1) remote attackers to execute arbitrary code via a crafted text area, or allow (2) user-assisted remote attackers to execute arbitrary code via a long host name in a file: URL. NOTE: this might overlap CVE-2008-5178.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Guido Landi · htmllocalwindows
https://www.exploit-db.com/exploits/7135

This exploit targets a buffer overflow vulnerability in Opera 9.62 on Windows XP SP3. It uses a long string to overwrite memory and executes shellcode to launch calc.exe via a heap spray technique.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Opera 9.62
No auth needed
Prerequisites: Victim must visit a malicious webpage using Opera 9.62 on Windows XP SP3
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (12)

Core 12
Core References
Vendor Advisory x_refsource_confirm
http://www.opera.com/support/kb/view/920/
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/498517/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id?1021456
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/498481/100/0/threaded
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/498452/100/0/threaded
Vendor Advisory x_refsource_confirm
http://www.opera.com/docs/changelogs/linux/963/
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/498499/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1021457
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/34294
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/498543/100/0/threaded
Third Party Advisory vendor-advisory x_refsource_gentoo
http://security.gentoo.org/glsa/glsa-200903-30.xml
Vendor Advisory x_refsource_confirm
http://www.opera.com/support/kb/view/922/

Scores

EPSS 0.0751
EPSS Percentile 93.7%

Details

CWE
CWE-119
Status published
Products (27)
opera/opera_browser 1.00
opera/opera_browser 2.00
opera/opera_browser 2.10 (4 CPE variants)
opera/opera_browser 2.12
opera/opera_browser 3.00 (2 CPE variants)
opera/opera_browser 3.10
opera/opera_browser 3.21
opera/opera_browser 3.50
opera/opera_browser 3.51
opera/opera_browser 3.60
... and 17 more
Published Dec 19, 2008
Tracked Since Feb 18, 2026