Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 264831 (CVE-2009-1234) - <www-client/opera-10 DoS (crash) (CVE-2009-1234)
Summary: <www-client/opera-10 DoS (crash) (CVE-2009-1234)
Status: RESOLVED FIXED
Alias: CVE-2009-1234
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: High minor (vote)
Assignee: Gentoo Security
URL:
Whiteboard: B3 [glsa]
Keywords:
Depends on:
Blocks:
 
Reported: 2009-04-04 06:49 UTC by Alex Legler (RETIRED)
Modified: 2012-06-15 17:39 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Alex Legler (RETIRED) archtester gentoo-dev Security 2009-04-04 06:49:32 UTC
CVE-2009-1234 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-1234):
  Opera 9.64 allows remote attackers to cause a denial of service
  (application crash) via an XML document containing a long series of
  start-tags with no corresponding end-tags.
Comment 1 Stefan Behte (RETIRED) gentoo-dev Security 2009-04-23 17:25:41 UTC
This might be considered a non-issue if it just causes opera to crash...
Comment 2 Alex Legler (RETIRED) archtester gentoo-dev Security 2009-09-22 12:13:58 UTC
Seems to be fixed in 10.0 which is already stabilized.
Comment 3 Tobias Heinlein (RETIRED) gentoo-dev 2009-10-20 19:21:13 UTC
A request is in for bug 264831, so this can easily be included. I vote YES.
Comment 4 Stefan Behte (RETIRED) gentoo-dev Security 2009-10-26 23:10:29 UTC
Yes, too. (You meant #283391, this is #264831)
Comment 5 GLSAMaker/CVETool Bot gentoo-dev 2012-06-15 17:39:59 UTC
This issue was resolved and addressed in
 GLSA 201206-03 at http://security.gentoo.org/glsa/glsa-201206-03.xml
by GLSA coordinator Sean Amoss (ackle).