Vulnerability in createSVGTransformFromMatrix (JavaScript, SVG) – Opera Security Advisories

Summary

A vulnerability in createSVGTransformFromMatrix ObjectTypecasting can crash Opera.

Severity

Moderate

Problem description

Passing an incorrect object to createSVGTransformFromMatrixcan crash Opera and enable arbitrary code execution.

 

Users who have disabled JavaScript are not affected.

Opera’s response

Opera has released version 9.10, where this flaw has beencorrected.

Credits

Thanks to iDefense Labs for notifying Opera Softwareabout this vulnerability.