Gentoo Full Text Bug Listing

Bug 188987 - www-client/opera < 9.23 - arbitrary code execution

Bug#: 188987	Product: Gentoo Security	Version: unspecified	Platform: All
OS/Version: Linux	Status: RESOLVED	Severity: normal	Priority: P2
Resolution: FIXED	Assigned To: security@gentoo.org	Reported By: fauli@gentoo.org
Component: Vulnerabilities
URL: http://www.opera.com/support/search/view/865/
Summary: www-client/opera < 9.23 - arbitrary code execution
Keywords:
Status Whiteboard: B2 [glsa]
Opened: 2007-08-15 13:23 0000

Description:

Opened: 2007-08-15 13:23 0000

"Fixed a JavaScript security issue discovered with Mozilla's jsfunfuzz tool.
See our advisory."
[...]
"A virtual function call on an invalid pointer that may reference data crafted
by the attacker can be used to execute arbitrary code."

9.23 fixes it.  Not in the tree yet.

------- Comment #1 From Jeroen Roovers 2007-08-15 14:24:53 0000 -------

www-client/opera-9.23 is in CVS.

------- Comment #2 From Christian Faulhammer 2007-08-15 15:55:55 0000 -------

My proposal for severity is B2 and I hope security team is not pissed when I cc
arches. 

Please mark stable www-client/opera-9.23, thanks.  x86 stable.

------- Comment #3 From Gustavo Zacarias (RETIRED) 2007-08-15 16:23:34 0000 -------

sparc stable, and unmasked it - otherwise it's no good for anyone!

------- Comment #4 From Christoph Mende 2007-08-15 17:13:11 0000 -------

amd64 stable

------- Comment #5 From Tobias Scherbaum 2007-08-15 21:27:30 0000 -------

ppc stable, ready for glsa (voting?)

------- Comment #6 From Raphael Marichez 2007-08-20 09:38:17 0000 -------

merging GLSA with bug 185497. No vote needed, it's A2 (code execution)

------- Comment #7 From Raphael Marichez 2007-08-22 22:43:23 0000 -------

GLSA 200708-17, combined with bug 185497. Thanks everybody!