ECHO_ADV_35$2006 ------------------------------------------------------------------------------------ [ECHO_ADV_35$2006] OPERA Web Browser 9 Denial OF Service ------------------------------------------------------------------------------------ Author : Ahmad Muammar W.K (a.k.a) y3dips Date Found : July, 1th 2006 Location : Indonesia, Jakarta web : http://echo.or.id/adv/adv35-y3dips-2006.txt Critical Lvl : Moderated Impact : Browser will automatically shutdown Where : From Remote ------------------------------------------------------------------------------------ Affected software description: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Opera Web Browser Application : Opera Web Browser version : Opera/9.00 (X11; Linux i686; U; en) Opera/9.00 (Windows NT 5:1;U;en) Some Other version are bot vulnerable and others are not tested, URL : http://opera.com Description : Vulnerability can be exploited by using live exploit : http://y3dips.echo.or.id/opera9-dos/ ------------------------------------------------------------------------------------ Solution: ~~~~~~~~ Disable Java Scipt execution from Opera Web browser ------------------------------------------------------------------------------------ Shoutz: ~~~~~~~ ~ my beloved ana ~ the_day, K-159 (keep researching), also all echo staff ~ negative , naisenodni crew ~ janex vind "waraxe" @ waraxe.us ~ newbie_hacker[at]yahoogroups.com ~ #e-c-h-o @irc.dal.net ------------------------------------------------------------------------------------ Contact: ~~~~~~~~ y3dips || echo|staff || y3dips[at]echo[dot]or[dot]id Homepage: http://y3dips.echo.or.id/ -------------------------------- [ EOF ] -------------------------------------------