CVE-2008-5680

Opera <9.63 - Buffer Overflow

Title source: llm

Description

Multiple buffer overflows in Opera before 9.63 might allow (1) remote attackers to execute arbitrary code via a crafted text area, or allow (2) user-assisted remote attackers to execute arbitrary code via a long host name in a file: URL. NOTE: this might overlap CVE-2008-5178.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Guido Landi · htmllocalwindows

https://www.exploit-db.com/exploits/7135

View Code ZIP pw:eip

References (12)

[Vendor Advisory] http://www.opera.com/support/kb/view/920/

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/498517/100/0/threaded

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id?1021456

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/498481/100/0/threaded

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/498452/100/0/threaded

[Vendor Advisory] http://www.opera.com/docs/changelogs/linux/963/

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/498499/100/0/threaded

[Third Party Advisory, VDB Entry] http://securitytracker.com/id?1021457

[Third Party Advisory] http://secunia.com/advisories/34294

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/archive/1/498543/100/0/threaded

[Third Party Advisory] http://security.gentoo.org/glsa/glsa-200903-30.xml

[Vendor Advisory] http://www.opera.com/support/kb/view/922/

Scores

EPSS 0.2019

EPSS Percentile 95.5%

Details

CWE

CWE-119

Status published

Products (27)

opera/opera_browser 1.00

opera/opera_browser 2.00

opera/opera_browser 2.10 (4 CPE variants)

opera/opera_browser 2.12

opera/opera_browser 3.00 (2 CPE variants)

opera/opera_browser 3.10

opera/opera_browser 3.21

opera/opera_browser 3.50

opera/opera_browser 3.51

opera/opera_browser 3.60

... and 17 more

Published Dec 19, 2008

Tracked Since Feb 18, 2026