icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

Opera < 9.63 Multiple Vulnerabilities

Medium

Synopsis

The remote host contains a web browser that is affected by several issues.

Description

The version of Opera installed on the remote host is earlier than 9.63 and is reportedly affected by several issues :

- It may be possible to execute arbitrary code on the remote system by manipulating certain text-area contents. (920)

- It may be possible to crash the remote browser using certain HTML constructs or inject code under certain conditions. (921)

- While previewing news feeds, Opera does not correctly block certain scripted URLs. Such scripts, if not blocked, may be able to subscribe a user to other arbitrary feeds and view contents of the feeds to which the user is currently subscribed. (923)

- By displaying content using XSLT as escaped strings, it may be possible for a website to inject scripted markup. (924)

Solution

Upgrade to version 9.63 or higher.