CVE-2007-0127

CVE-2007-0127 · HIGH Severity

AV:N/AC:M/AU:N/C:C/I:C/A:C

The Javascript SVG support in Opera before 9.10 does not properly validate object types in a createSVGTransformFromMatrix request, which allows remote attackers to execute arbitrary code via JavaScript code that uses an invalid object in this request that causes a controlled pointer to be referenced during the virtual function call.

Learn more about our Web Application Penetration Testing UK.