Opera before 9.26 allows user-assisted remote attackers to execute arbitrary script via images that contain custom comments, which are treated as script when the user displays the image properties.
References
Configurations
Configuration 1 (hide)
|
Information
Published : 2008-02-28 18:44
Updated : 2012-06-07 11:02
NVD link : CVE-2008-1081
Mitre link : CVE-2008-1081
JSON object : View
CWE
CWE-94
Improper Control of Generation of Code ('Code Injection')
Products Affected
opera
- opera_browser