Detections
Analytics

Opera < 9.60 Multiple Vulnerabilities

high Log Correlation Engine Plugin ID 800821

Synopsis

The remote host contains a web browser that is affected by several issues.

Description

The version of Opera installed on the remote host is earlier than 9.60 and is reportedly affected by several issues :
 - Specially crafted URLs can cause Opera to crash or allow arbitrary code execution.
 - Once a Java applet has been cached, a page that can predict the cache path for that applet can load it from cache thereby causing it to run in the security context of the local machine, allowing for reading of other files from the cache.

Solution

Upgrade to version 9.60 or higher.

See Also

http://.opera.com/support/search/view/901

http://.opera.com/support/search/view/902

http://.opera.com/docs/changelogs/windows/960

Plugin Details

Severity: High

ID: 800821

Family: Web Clients

Nessus ID: 34368

Risk Information

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

Reference Information

CVE: CVE-2008-4694, CVE-2008-4695

BID: 31631, 31643