Vulnerability Description
Opera before 9.51 does not properly manage memory within functions supporting the CANVAS element, which allows remote attackers to read uninitialized memory contents by using JavaScript to read a canvas image.
CVSS Score
7.8
HIGH
AV:N/AC:L/Au:N/C:C/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Opera | Opera Browser | <= 9.50 |
Related Weaknesses (CWE)
References
- http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00001.html
- http://secunia.com/advisories/30935Vendor Advisory
- http://secunia.com/advisories/31339
- http://www.opera.com/docs/changelogs/freebsd/951/
- http://www.opera.com/docs/changelogs/linux/951/
- http://www.opera.com/docs/changelogs/mac/951/
- http://www.opera.com/docs/changelogs/solaris/951/
- http://www.opera.com/docs/changelogs/windows/951/
- http://www.opera.com/support/search/view/887/
- http://www.securityfocus.com/bid/30068
- http://www.vupen.com/english/advisories/2008/1997/references
- https://exchange.xforce.ibmcloud.com/vulnerabilities/43575
- http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00001.html
- http://secunia.com/advisories/30935Vendor Advisory
- http://secunia.com/advisories/31339
FAQ
What is CVE-2008-3078?
CVE-2008-3078 is a vulnerability with a CVSS score of 7.8 (HIGH). Opera before 9.51 does not properly manage memory within functions supporting the CANVAS element, which allows remote attackers to read uninitialized memory contents by using JavaScript to read a canv...
How severe is CVE-2008-3078?
CVE-2008-3078 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-3078?
Check the references section above for vendor advisories and patch information. Affected products include: Opera Opera Browser.