Detections
Analytics

Opera < 12.11 Multiple Vulnerabilities

high Log Correlation Engine Plugin ID 800861

Synopsis

The remote host has a web browser installed that is vulnerable by multiple vulnerabilities

Description

The remote host is running the Opera web browser.

Versions of Opera earlier than 12.11 are potentially affected by the following vulnerabilities :

 - A heap-based buffer overflow error exists related to handling HTTP responses that can lead to application crashes or arbitrary code execution. (1036)

 - An issue exists related to the application's error handling that can allow a malicious website to determine the existence of and path to local files. (1037)

Solution

Upgrade to Opera 12.11 or later.

See Also

http://www.opera.com/support/kb/view/1036

http://www.opera.com/support/kb/view/1037

http://www.opera.com/docs/changelogs/unified/1211

Plugin Details

Severity: High

ID: 800861

Family: Web Clients

Published: 11/21/2012

Nessus ID: 62984

Risk Information

CVSS v2

Risk Factor: High

Base Score: 9.3

Temporal Score: 6.9

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Information

Patch Publication Date: 11/20/2012

Vulnerability Publication Date: 11/20/2012

Reference Information

BID: 56594