Wednesday, March 3, 2010

Opera (plenitude String )Denial of Service Exploit

http://www.packetstormsecurity.org/1003-exploits/operaplen-crash.txt
http://www.exploit-db.com/exploits/11617


=======================================================================

Opera (plenitude String )Denial of Service Exploit
=======================================================================

by

Asheesh Kumar Mani Tripathi


# code by Asheesh kumar Mani Tripathi

# email informationhacker08@gmail.com

# company www.aksitservices.co.in

# Credit by Asheesh Anaconda


#Download http://www.opera.com/download/


#Background

Opera is a popular internet browser :)

#Vulnerability
This bug is a typical result when attacker try to write plenitude String in
document.write() function .User interaction is required to
exploit this vulnerability in that the target must visit a malicious
web page.



#Impact
Browser doesn't respond any longer to any user input, all tabs are no
longer accessible, your work if any might be lost.



#Proof of concept
copy the code in text file and save as "asheesh.html" open in Mozilla Firefox




Why do you worry without cause? Whom do you fear without reason? Who can kill you?
The soul is neither born, nor does it die.


#If you have any questions, comments, or concerns, feel free to contact me.

1 comment:

  1. Must say you are doing an excellent w0rk....share with others :)

    AS

    ReplyDelete