
Opera JavaScript invalid pointer arbitrary code execution (CVE-2007-436)

Description

A specially crafted JavaScript can make Opera execute arbitrary code by calling a virtual function on an invalid pointer.

This is an arbitrary code execution vulnerability. It means that it can be used to place a backdoor, a virus or spyware on a vulnerable computer.

Note: the vendor does not provide detailed information about this vulnerability. This test checks for one of the crashes that were fixed in Opera 9.23. It is possible that this particular crash is not exploitable. However, if your Opera browser crashes on this test, it is likely that it also has the remote code execution vulnerability.

Recommendations

If you are running Opera, upgrade to version 9.23 or later.

If you are not running Opera, report this bug to the vendor of your browser.
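
To find installations that still need the upgrade recommended above, the following added example (not part of the original advisory or any vendor tooling) flags hosts whose logged User-Agent reports an Opera release earlier than 9.23. The tab-separated log layout, the function names and the sample records are assumptions made for illustration.

```python
import re

FIXED = (9, 23)  # first fixed release, from the advisory's recommendation

# Opera 9.x sends "Opera/9.22 (...)" or, when identifying as another browser,
# "... Opera 9.22". Opera 10+ freezes that token at 9.80 and appends the real
# version as "Version/x.y".
_OPERA = re.compile(r"\bOpera[/ ](\d+)\.(\d+)")
_REAL = re.compile(r"\bVersion/(\d+)\.(\d+)")


def _pair(match):
    # Read the minor part as two decimal digits so "9.5" compares as 9.50.
    return int(match.group(1)), int(match.group(2).ljust(2, "0")[:2])


def opera_version(user_agent):
    """Return (major, minor) for an Opera User-Agent, or None if not Opera."""
    found = _OPERA.search(user_agent)
    if found is None:
        return None
    version = _pair(found)
    real = _REAL.search(user_agent)
    if version == (9, 80) and real:
        version = _pair(real)
    return version


def needs_upgrade(user_agent):
    version = opera_version(user_agent)
    return version is not None and version < FIXED


def flag_hosts(lines):
    """Each line is 'host<TAB>user-agent' (assumed layout); return old-Opera hosts."""
    flagged = []
    for line in lines:
        host, _, agent = line.partition("\t")
        if needs_upgrade(agent) and host not in flagged:
            flagged.append(host)
    return flagged


# Constructed sample records (documentation addresses), not real traffic.
SAMPLE_LOG = [
    "192.0.2.10\tOpera/9.22 (Windows NT 5.1; U; en)",
    "192.0.2.11\tOpera/9.23 (X11; Linux i686; U; en)",
    "192.0.2.12\tMozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; en) Opera 9.21",
    "192.0.2.13\tOpera/9.80 (Windows NT 6.1; U; en) Presto/2.2.15 Version/10.00",
    "192.0.2.14\tMozilla/5.0 (Windows; U; Windows NT 5.1; en-US) Firefox/2.0.0.6",
]
```

The User-Agent header is supplied by the client, so treat the result as an inventory aid and confirm the installed version on each flagged host.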
