CVE-2008-3078

Sažetak

Opera before 9.51 does not properly manage memory within functions supporting the CANVAS element, which allows remote attackers to read uninitialized memory contents by using JavaScript to read a canvas image.

Reference

http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00001.html
http://secunia.com/advisories/30935
http://secunia.com/advisories/31339
http://www.opera.com/docs/changelogs/freebsd/951/
http://www.opera.com/docs/changelogs/linux/951/
http://www.opera.com/docs/changelogs/mac/951/
http://www.opera.com/docs/changelogs/solaris/951/
http://www.opera.com/docs/changelogs/windows/951/
http://www.opera.com/support/search/view/887/
http://www.securityfocus.com/bid/30068
http://www.vupen.com/english/advisories/2008/1997/references
https://exchange.xforce.ibmcloud.com/vulnerabilities/43575

CVSS

Base:	7.8
Impact:	6.9
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	NONE	NONE

CVSS vektor

AV:N/AC:L/Au:N/C:C/I:N/A:N

Zadnje važnije ažuriranje

08-08-2017 - 01:31

Objavljeno

09-07-2008 - 00:41