openSUSE Security Update : Opera (openSUSE-SU-2013:0289-2)

medium Nessus Plugin ID 74888

Synopsis

The remote openSUSE host is missing a security update.

Description

Opera was updated to 12.14 version fixing stability issues. This update also consists updates for Opera 12.13 which is a recommended upgrade offering security and stability enhancements.

-fixed an issue where Opera gets internal communication errors on Facebook

-fixed an issue where no webpages load on startup, if Opera is disconnected from the Internet

-fixed an issue where images will not load after back navigation, when a site uses the HTML5 history API (deviantart.com)

-improved protection against hijacking of the default search, including a one-time reset

-fixed an issue where DOM events manipulation might be used to execute arbitrary code;

-fixed an issue where use of SVG clipPaths could allow execution of arbitrary code;

-CVE-2013-1618: Fixed a TLS information leak.

-fixed an issue where CORS requests could omit the preflight request;

Solution

Update the affected Opera packages.

See Also

https://bugzilla.novell.com/show_bug.cgi?id=801233

https://lists.opensuse.org/opensuse-updates/2013-02/msg00038.html

https://lists.opensuse.org/opensuse-updates/2013-02/msg00093.html

Plugin Details

Severity: Medium

ID: 74888

File Name: openSUSE-2013-113.nasl

Version: 1.6

Type: local

Agent: unix

Published: 6/13/2014

Updated: 1/19/2021

Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.2

CVSS v2

Risk Factor: Medium

Base Score: 4

Temporal Score: 3

Vector: CVSS2#AV:N/AC:H/Au:N/C:P/I:P/A:N

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:opera, p-cpe:/a:novell:opensuse:opera-gtk, p-cpe:/a:novell:opensuse:opera-kde4, cpe:/o:novell:opensuse:12.1, cpe:/o:novell:opensuse:12.2

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Exploit Ease: No known exploits are available

Patch Publication Date: 2/8/2013

Reference Information

CVE: CVE-2013-1618