openSUSE Security Update : opera (openSUSE-SU-2012:1481-1)

high Nessus Plugin ID 74809

Synopsis

The remote openSUSE host is missing a security update.

Description

This Opera 12.10 security update fixes following security issues :

-an issue that could cause Opera not to correctly check for certificate revocation;

-an issue where CORS requests could incorrectly retrieve contents of cross origin pages;

-an issue where data URIs could be used to facilitate Cross-Site Scripting;

-a high severity issue, as reported by Gareth Heyes; details will be disclosed at a later date

-an issue where specially crafted SVG images could allow execution of arbitrary code;

-a moderate severity issue, as reported by the Google Security Group;
details will be disclosed at a later date Full changelog available at:
http://www.opera.com/docs/changelogs/unix/1210

Solution

Update the affected opera packages.

See Also

https://help.opera.com/en/latest/

https://bugzilla.novell.com/show_bug.cgi?id=788321

https://lists.opensuse.org/opensuse-updates/2012-11/msg00020.html

Plugin Details

Severity: High

ID: 74809

File Name: openSUSE-2012-777.nasl

Version: 1.5

Type: local

Agent: unix

Published: 6/13/2014

Updated: 1/19/2021

Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Nessus

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:opera, p-cpe:/a:novell:opensuse:opera-gtk, p-cpe:/a:novell:opensuse:opera-kde4, cpe:/o:novell:opensuse:12.1

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Patch Publication Date: 11/7/2012