Hello all,On Wed, 30 Nov 2005 00:31:29 +0100, Marc Schoenefeld <marc.schoenefeld@xxxxxxx> wrote:
Hi y'all, it is possible to crash the opera 8.50 browser with a simple java applet (see below). This was observed on Win32, Linux versions maybe affected, too. This can be tested only at: http://www.illegalaccess.org/exploit/opera85/OperaApplet.html As you can see the applet crashes at 0x67c0a54c. This iscaused by a bug in a JNI routine implementing the com.opera.JSObject class.It cannot be ruled out, that this bug is exploitable. The opera guys were informed on the 21st of September, and then again on 8th of October. Please upgrade to the new Opera 8.51, which does not expose this weakness. Sincerely Marc Schönefeld marc@xxxxxxxxxxxxxxxxx
Opera Software ASA does not consider this to be a security vulnerability. This is an ordinary NULL-pointer crash, which has no exploit potential. And since the crash does not prevent restart of the client we also do not consider it a Denial of Service. <URL: http://www.opera.com/support/search/supsearch.dml?index=817 > We thank Marc Schoenefeld for bringing this crashbug to our attention.Please report bugs and security issues at <URL: https://bugs.opera.com/wizard/ >
-- Sincerely, Yngve N. Pettersen ******************************************************************** Senior Developer Email: yngve@xxxxxxxxx Opera Software ASA http://www.opera.com/ Phone: +47 24 16 42 60 Fax: +47 24 16 40 01 ********************************************************************