Opera < 7.20 news URL Handling DoS

medium Nessus Plugin ID 14249

Synopsis

A browser installed on the remote host is vulnerable to a denial of service attack.

Description

The version of Opera installed on the remote host reportedly crashes when processing a 'news:' URL of excessive length, that may result in a denial of service. It has been reported that this issue will trigger a condition that will prevent Opera from functioning until the program has been reinstalled.

Solution

Install Opera 7.20 or newer.

Plugin Details

Severity: Medium

ID: 14249

File Name: opera_news_url_dos.nasl

Version: 1.17

Type: local

Agent: windows

Family: Windows

Published: 8/10/2004

Updated: 8/8/2018

Supported Sensors: Nessus Agent, Nessus

Risk Information

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Information

CPE: cpe:/a:opera:opera_browser

Required KB Items: SMB/Opera/Version

Exploit Available: true

Exploit Ease: No exploit is required

Reference Information

BID: 7430