Vulnerability Details CVE-2007-6523
Algorithmic complexity vulnerability in Opera 9.50 beta and 9.x before 9.25 allows remote attackers to cause a denial of service (CPU consumption) via a crafted bitmap (BMP) file that triggers a large number of calculations and checks.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.013
EPSS Ranking 79.4%
CVSS Severity
CVSS v2 Score 7.8
References
- http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00001.html
- http://secunia.com/advisories/28314
- http://securityreason.com/securityalert/3482
- http://www.securityfocus.com/archive/1/484605/100/200/threaded
- http://www.securityfocus.com/bid/26721
- http://www.vupen.com/english/advisories/2007/4261
- http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00001.html
- http://secunia.com/advisories/28314
- http://securityreason.com/securityalert/3482
- http://www.securityfocus.com/archive/1/484605/100/200/threaded
- http://www.securityfocus.com/bid/26721
- http://www.vupen.com/english/advisories/2007/4261
Products affected by CVE-2007-6523
-
cpe:2.3:a:opera:opera_browser:9.0
-
cpe:2.3:a:opera:opera_browser:9.01
-
cpe:2.3:a:opera:opera_browser:9.02
-
cpe:2.3:a:opera:opera_browser:9.10
-
cpe:2.3:a:opera:opera_browser:9.12
-
cpe:2.3:a:opera:opera_browser:9.20
-
cpe:2.3:a:opera:opera_browser:9.21
-
cpe:2.3:a:opera:opera_browser:9.22
-
cpe:2.3:a:opera:opera_browser:9.23
-
cpe:2.3:a:opera:opera_browser:9.24
-
cpe:2.3:a:opera:opera_browser:9.50