Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 160369 - www-client/opera: (versions < 9.10) createSVGTransformFromMatrix() and JPEG vulnerabilities
Summary: www-client/opera: (versions < 9.10) createSVGTransformFromMatrix() and JPEG v...
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Highest normal (vote)
Assignee: Gentoo Security
URL: http://secunia.com/advisories/23613/
Whiteboard: B2? [stable] DerCorny
Keywords:
Depends on:
Blocks:
 
Reported: 2007-01-06 07:24 UTC by Executioner
Modified: 2007-01-12 22:06 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Executioner 2007-01-06 07:24:16 UTC
Description:
Two vulnerabilities have been reported in Opera, which can be exploited by malicious people to compromise a user's system.

1) An unspecified error when processing JPEG files can be exploited to cause a heap-based buffer overflow via a JPEG file with a specially crafted DHT marker.

2) An error within createSVGTransformFromMatrix() can be exploited by passing an incorrect object to the said function.


Reproducible: Didn't try




http://www.opera.com/support/search/supsearch.dml?index=851
http://www.opera.com/support/search/supsearch.dml?index=852
Comment 1 Tavis Ormandy (RETIRED) gentoo-dev 2007-01-06 09:56:14 UTC
arch teams, please test and mark stable opera-9.10
Comment 2 Gustavo Zacarias (RETIRED) gentoo-dev 2007-01-06 11:47:27 UTC
sparc stable.
Comment 3 Christian Faulhammer (RETIRED) gentoo-dev 2007-01-06 15:39:21 UTC
x86 stable
Comment 4 Tobias Scherbaum (RETIRED) gentoo-dev 2007-01-07 18:12:29 UTC
ppc stable
Comment 5 Executioner 2007-01-09 03:46:55 UTC
How about amd64?
Comment 6 Michael Cummings (RETIRED) gentoo-dev 2007-01-09 12:23:52 UTC
taking up the caboose, amd64 pulls out of the station :)
Comment 7 Executioner 2007-01-09 16:12:10 UTC
okay, cool, are we ready close this then?
Comment 8 Stefan Cornelius (RETIRED) gentoo-dev 2007-01-09 18:17:25 UTC
nope, a GLSA has to be drafted, reviewed and issued. Then this will be closed.
Comment 9 Raphael Marichez (Falco) (RETIRED) gentoo-dev 2007-01-12 22:06:58 UTC
GLSA 200701-08