Bug 188632

Summary: Opera 9.0 denial of service with A tag.
Product: [openSUSE] SUSE Linux 10.1
Reporter: Marcus Meissner <meissner>
Component: Commercial
Assignee: Lukas Tinkl <ltinkl>
Status: RESOLVED FIXED
QA Contact: E-mail List <qa-bugs>
Severity: Normal
Priority: P5 - None
CC: QTXGPZGTVMXJ, security-team, suse-beta
Version: Final
Target Milestone: ---
Hardware: Other
OS: Other
Whiteboard: CVE-2006-3199: CVSS v2 Base Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)
Found By: Other
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Description Marcus Meissner 2006-06-27 16:07:29 UTC
This is public.

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3199

Opera 9 allows remote attackers to cause a denial of service (crash) via an A tag with an href attribute with a URL containing a long hostname, which triggers an out-of-bounds operation.


Note that this will not stop the current update, it will just wait for a fix from Opera.
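
A defensive check for the condition described above, as an added example that is not part of the original bug report: it scans HTML for A tags whose href hostname is longer than DNS allows, which a proxy or content filter could use to flag such pages. The thresholds (253 characters per name, 63 per label) and the names `scan_html` and `AnchorHostScanner` are assumptions; the report does not state the length that triggers the crash.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumed thresholds: the advisory only says "long hostname"; these are the
# DNS textual limits (253 chars per name, 63 per label), not Opera's buffer size.
MAX_HOST_LEN = 253
MAX_LABEL_LEN = 63

class AnchorHostScanner(HTMLParser):
    """Collect <a href> targets whose hostname exceeds DNS length limits."""
    def __init__(self):
        super().__init__()
        self.findings = []  # (line_number, length, reason)

    def handle_starttag(self, tag, attrs):
        if tag != "a":
            return
        href = dict(attrs).get("href")
        if not href:
            return
        try:
            host = urlsplit(href).hostname or ""
        except ValueError:
            # Malformed authority (e.g. bad IPv6 literal): report, don't crash.
            self.findings.append((self.getpos()[0], len(href), "unparseable"))
            return
        host = host.rstrip(".")
        if len(host) > MAX_HOST_LEN:
            self.findings.append((self.getpos()[0], len(host), "hostname too long"))
        elif any(len(label) > MAX_LABEL_LEN for label in host.split(".")):
            self.findings.append((self.getpos()[0], len(host), "label too long"))

def scan_html(document):
    """Return a list of (line, length, reason) for suspicious anchors."""
    scanner = AnchorHostScanner()
    scanner.feed(document)
    scanner.close()
    return scanner.findings

# Constructed sample page: one ordinary link, two oversized hostnames.
SAMPLE = (
    '<p><a href="http://www.example.com/">ok</a></p>\n'
    '<p><a href="http://' + "a" * 300 + '.example/">long</a></p>\n'
    '<p><a href="http://' + "b" * 64 + '.example/">label</a></p>\n'
)

if __name__ == "__main__":
    for line, length, reason in scan_html(SAMPLE):
        print(f"line {line}: {reason} ({length} chars)")
```
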
Comment 1 Lukas Tinkl 2006-08-04 13:45:08 UTC
Fixed in Opera 9.01, updating autobuild
http://www.opera.com/support/search/supsearch.dml?index=835
Comment 2 Ludwig Nussel 2006-08-07 12:35:08 UTC
Looks like Opera sw does not consider this a security issue, therefore we shouldn't either. Just fix it for stable then.
Comment 3 Lukas Tinkl 2006-08-10 12:05:29 UTC
Done
Comment 4 Marcus Meissner 2006-08-15 13:49:16 UTC
*** Bug 199378 has been marked as a duplicate of this bug. ***
Comment 5 Thomas Biege 2009-10-13 22:09:33 UTC
CVE-2006-3199: CVSS v2 Base Score: 5.0 (AV:N/AC:L/Au:N/C:N/I:N/A:P)