Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 188987

Summary: www-client/opera < 9.23 - arbitrary code execution
Product: Gentoo Security Reporter: Christian Faulhammer (RETIRED) <fauli>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: normal CC: jer
Priority: High    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: http://www.opera.com/support/search/view/865/
Whiteboard: B2 [glsa]
Package list:
Runtime testing required: ---

Description Christian Faulhammer (RETIRED) gentoo-dev 2007-08-15 13:23:35 UTC 
"Fixed a JavaScript security issue discovered with Mozilla's jsfunfuzz tool. See our advisory."
[...]
"A virtual function call on an invalid pointer that may reference data crafted by the attacker can be used to execute arbitrary code."

9.23 fixes it.  Not in the tree yet.
Comment 1 Jeroen Roovers (RETIRED) gentoo-dev 2007-08-15 14:24:53 UTC 
www-client/opera-9.23 is in CVS.
Comment 2 Christian Faulhammer (RETIRED) gentoo-dev 2007-08-15 15:55:55 UTC 
My proposal for severity is B2 and I hope security team is not pissed when I cc arches. 

Please mark stable www-client/opera-9.23, thanks.  x86 stable.
Comment 3 Gustavo Zacarias (RETIRED) gentoo-dev 2007-08-15 16:23:34 UTC 
sparc stable, and unmasked it - otherwise it's no good for anyone!
Comment 4 Christoph Mende (RETIRED) gentoo-dev 2007-08-15 17:13:11 UTC 
amd64 stable
Comment 5 Tobias Scherbaum (RETIRED) gentoo-dev 2007-08-15 21:27:30 UTC 
ppc stable, ready for glsa (voting?)
Comment 6 Raphael Marichez (Falco) (RETIRED) gentoo-dev 2007-08-20 09:38:17 UTC 
merging GLSA with bug 185497. No vote needed, it's A2 (code execution)
Comment 7 Raphael Marichez (Falco) (RETIRED) gentoo-dev 2007-08-22 22:43:23 UTC 
GLSA 200708-17, combined with bug 185497. Thanks everybody!