SUSE-SA:2005:034: opera

This script is Copyright (C) 2005-2010 Tenable Network Security, Inc.


Synopsis :

The remote host is missing a vendor-supplied security patch

Description :

The remote host is missing the patch for the advisory SUSE-SA:2005:034 (opera).


The web browser Opera has been updated to version 8.01 to fix various
security-related bugs.

* Fixed XMLHttpRequest redirect vulnerability reported in Secunia
Advisory 15008.
* Fixed cross-site scripting vulnerability reported in Secunia
Advisory 15411.
* Fixed cross-site scripting vulnerability in location header when
automatic redirection is disabled. Vulnerability reported in Secunia
Advisory 15423.
* Fix for variant of window injection vulnerability reported in Secunia
Advisory 13253
* Fixed information disclosure weakness causing file path information
to be sent when using the GET form method. Security Focus Bugtraq
ID #12723.
* Improved accuracy of security bar and modified security icon
behavior: when a certificate is accepted manually after a warning,
the security level of the connection is set to 1.
* Fixed issue with wrong referrers being sent to sites in browsing
history.
* Fixed erroneous display of certificate names containing ampersands.
* Solved problem with collapsed address bars for some pop-ups
missing indication of security level.

These issues are tracked by the Mitre CVE IDs CVE-2005-1475,
CVE-2005-1669 and CVE-2004-1157.

Solution :

http://www.suse.de/security/advisories/2005_34_opera.html

Risk factor :

High

Family: SuSE Local Security Checks

Nessus Plugin ID: 19243 ()

Bugtraq ID:

CVE ID:

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now