icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

Opera < 11.62 Multiple Vulnerabilities

High

Synopsis

The remote host has a web browser installed that is vulnerable to multiple attack vectors.

Description

The remote host is running the Opera web browser.

Versions of Opera earlier than 11.62 are potentially affected by multiple vulnerabilities :

- Small windows can be used to trick users in to executing downloads. (Issue 1010)

- Overlapping content can trick users into executing downloads. (Issue 1011)

- History.state can leak the state data from cross domain pages. (Issue 1012)

- Web page dialogs can be used to display the wrong address in the address field. (Issue 1013)

- Carefully timed reloads and redirects can spoof the address field. (Issue 1014)

Solution

Upgrade to Opera 11.62 or later.