CVE-2010-1993

Name of the Vulnerable Software and Affected Versions Opera version 9.52

Description The issue arises from improper handling of an IFRAME element with a mailto: URL in its SRC attribute. This allows remote attackers to cause a denial of service, specifically resource consumption, by creating an HTML document containing many IFRAME elements.

Recommendations For Opera version 9.52, consider avoiding the use of IFRAME elements with mailto: URLs in their SRC attribute until a fix is available. As a temporary workaround, restrict the number of IFRAME elements in HTML documents to minimize the risk of resource consumption.