CVE-2010-2121

Opera 9.52 - Denial of Service via Infinite Loop with Invalid URI IFRAMEs

Title source: llm
STIX 2.1

Description

Opera 9.52 allows remote attackers to cause a denial of service (resource consumption) via JavaScript code containing an infinite loop that creates IFRAME elements for invalid (1) news:// or (2) nntp:// URIs.

References (3)

Core 3
Core References
Exploit x_refsource_misc
http://websecurity.com.ua/4238/
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11622
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/511509/100/0/threaded

Scores

EPSS 0.0051
EPSS Percentile 66.5%

Details

CWE
CWE-399
Status published
Products (1)
opera/opera_browser 9.52
Published Jun 01, 2010
Tracked Since Feb 18, 2026