Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 188987 - www-client/opera < 9.23 - arbitrary code execution
Summary: www-client/opera < 9.23 - arbitrary code execution
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: High normal (vote)
Assignee: Gentoo Security
URL: http://www.opera.com/support/search/v...
Whiteboard: B2 [glsa]
Keywords:
Depends on:
Blocks:
 
Reported: 2007-08-15 13:23 UTC by Christian Faulhammer (RETIRED)
Modified: 2007-08-22 22:43 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Christian Faulhammer (RETIRED) gentoo-dev 2007-08-15 13:23:35 UTC
"Fixed a JavaScript security issue discovered with Mozilla's jsfunfuzz tool. See our advisory."
[...]
"A virtual function call on an invalid pointer that may reference data crafted by the attacker can be used to execute arbitrary code."

9.23 fixes it.  Not in the tree yet.
Comment 1 Jeroen Roovers (RETIRED) gentoo-dev 2007-08-15 14:24:53 UTC
www-client/opera-9.23 is in CVS.
Comment 2 Christian Faulhammer (RETIRED) gentoo-dev 2007-08-15 15:55:55 UTC
My proposal for severity is B2 and I hope security team is not pissed when I cc arches. 

Please mark stable www-client/opera-9.23, thanks.  x86 stable.
Comment 3 Gustavo Zacarias (RETIRED) gentoo-dev 2007-08-15 16:23:34 UTC
sparc stable, and unmasked it - otherwise it's no good for anyone!
Comment 4 Christoph Mende (RETIRED) gentoo-dev 2007-08-15 17:13:11 UTC
amd64 stable
Comment 5 Tobias Scherbaum (RETIRED) gentoo-dev 2007-08-15 21:27:30 UTC
ppc stable, ready for glsa (voting?)
Comment 6 Raphael Marichez (Falco) (RETIRED) gentoo-dev 2007-08-20 09:38:17 UTC
merging GLSA with bug 185497. No vote needed, it's A2 (code execution)
Comment 7 Raphael Marichez (Falco) (RETIRED) gentoo-dev 2007-08-22 22:43:23 UTC
GLSA 200708-17, combined with bug 185497. Thanks everybody!