CVE-2011-2641

Opera 11.11 - Denial of Service via FONT FACE Attribute in IFRAME

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2011-2641. PoCs published by echo.

AI-analyzed exploit summary This exploit triggers a remote crash in Opera 11.11 by manipulating the 'face' property of a dynamically created 'font' element within an iframe. The crash is unexploitable but demonstrates a DoS condition.

Description

Opera 11.11 allows remote attackers to cause a denial of service (application crash) by setting the FACE attribute of a FONT element within an IFRAME element after changing the SRC attribute of this IFRAME element to an about:blank value.

Exploits (1)

exploitdb WORKING POC VERIFIED

by echo · htmldoswindows

https://www.exploit-db.com/exploits/17396

View Code ZIP pw:eip

This exploit triggers a remote crash in Opera 11.11 by manipulating the 'face' property of a dynamically created 'font' element within an iframe. The crash is unexploitable but demonstrates a DoS condition.

Classification

Working Poc 80%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: Opera 11.11

No auth needed

Prerequisites: Victim must visit a malicious webpage using Opera 11.11

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1

Core References

Exploit exploit x_refsource_exploit-db

http://www.exploit-db.com/exploits/17396

Scores

EPSS 0.0544

EPSS Percentile 91.7%

Details

CWE

CWE-399

Status published

Products (1)

opera/opera_browser 11.11

Published Jul 01, 2011

Tracked Since Feb 18, 2026