CVE-2010-3019

Opera < 10.61 - Remote Code Execution via HTML5 Canvas Painting Operations

Title source: llm
STIX 2.1

Description

Heap-based buffer overflow in Opera before 10.61 allows remote attackers to execute arbitrary code or cause a denial of service (application crash or hang) via vectors related to HTML5 canvas painting operations that occur during the application of transformations.

References (5)

Core 5
Core References
Vendor Advisory x_refsource_confirm
http://www.opera.com/docs/changelogs/unix/1061/
Vendor Advisory x_refsource_confirm
http://www.opera.com/support/kb/view/966/
Vendor Advisory x_refsource_confirm
http://www.opera.com/docs/changelogs/mac/1061/
Vendor Advisory x_refsource_confirm
http://www.opera.com/docs/changelogs/windows/1061/
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12066

Scores

EPSS 0.0353
EPSS Percentile 87.8%

Details

CWE
CWE-119
Status published
Products (27)
opera/opera_browser 1.00
opera/opera_browser 2.00
opera/opera_browser 2.10 (4 CPE variants)
opera/opera_browser 2.12
opera/opera_browser 3.00 (2 CPE variants)
opera/opera_browser 3.10
opera/opera_browser 3.21
opera/opera_browser 3.50
opera/opera_browser 3.51
opera/opera_browser 3.60
... and 17 more
Published Aug 16, 2010
Tracked Since Feb 18, 2026