Opera < 9.00 Multiple Vulnerabilities

This script is Copyright (C) 2006-2016 Tenable Network Security, Inc.


Synopsis :

The remote host contains a web browser that is affected by multiple
issues.

Description :

The version of Opera installed on the remote host reportedly contains
an issue that presents itself when the height and width parameters of
a JPEG image are set excessively high, causing Opera to allocate
insufficient memory for the image and crash as it tries to write to
memory at the wrong location.

In addition, it is reportedly affected by a flaw that may allow an
attacker to display an SSL certificate from a trusted site on an
untrusted one.

See also :

http://www.securityfocus.com/archive/1/438074/30/0/threaded
http://www.opera.com/support/search/supsearch.dml?index=834
http://secunia.com/secunia_research/2006-49/advisory/

Solution :

Upgrade to Opera version 9.00 or later.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 6.4
(CVSS2#E:U/RL:U/RC:ND)
Public Exploit Available : true

Family: Windows

Nessus Plugin ID: 21786 ()

Bugtraq ID: 18594
18692

CVE ID: CVE-2006-3198
CVE-2006-3331

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now