Home page logo

bugtraq logo Bugtraq mailing list archives

Re: Opera 8.50 DoS with simple java applet
From: "Yngve N. Pettersen (Developer Opera Software ASA)" <yngve () opera com>
Date: Thu, 01 Dec 2005 14:04:29 +0100

Hello all,

On Wed, 30 Nov 2005 00:31:29 +0100, Marc Schoenefeld <marc.schoenefeld () gmx org> wrote:

Hi y'all,

it is possible to crash the opera 8.50 browser with a simple
java applet (see below).
This was observed on Win32, Linux versions maybe affected, too.
This can be tested only at:


As you can see the applet crashes at 0x67c0a54c. This is
caused by a bug in a JNI routine implementing the com.opera.JSObject class.
It cannot be ruled out, that this bug is exploitable.

The opera guys were informed on the 21st of September, and
then again on 8th of October.

Please upgrade to the new Opera 8.51, which does not expose this

Marc Schönefeld
marc () illegalaccess org

Opera Software ASA does not consider this to be a security vulnerability.

This is an ordinary NULL-pointer crash, which has no exploit potential.
And since the crash does not prevent restart of the client we also do
not consider it a Denial of Service.

<URL: http://www.opera.com/support/search/supsearch.dml?index=817 >

We thank Marc Schoenefeld for bringing this crashbug to our attention.

Please report bugs and security issues at <URL: https://bugs.opera.com/wizard/ >

Yngve N. Pettersen
Senior Developer                     Email: yngve () opera com
Opera Software ASA                   http://www.opera.com/
Phone:  +47 24 16 42 60              Fax:    +47 24 16 40 01

  By Date           By Thread  

Current thread:
  • Re: Opera 8.50 DoS with simple java applet Yngve N. Pettersen (Developer Opera Software ASA) (Dec 01)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]