Opera < 9.22 Multiple Vulnerabilities

This script is Copyright (C) 2007-2016 Tenable Network Security, Inc.


Synopsis :

The remote host contains a web browser that is affected by multiple
issues.

Description :

The version of Opera installed on the remote host reportedly can be
tricked into attempting to dereference an invalid object pointer when
parsing a specially crafted BitTorrent header. This could cause the
application to crash or even lead to execution of arbitrary code
subject to the privileges of the current user.

Successful exploitation requires that a user on the affected host
click on a link to a BitTorrent file and then remove the entry from
Opera's download manager.

In addition, it can mistakenly display the end of a 'data:' URL rather
than the beginning, which can lead to spoofing of trusted sites.

See also :

http://www.nessus.org/u?16e8f6cd
http://seclists.org/fulldisclosure/2007/Jul/405
http://www.securityfocus.com/archive/1/473703/30/0/threaded
http://www.0x000000.com/?i=334
http://www.opera.com/support/search/view/862/
http://www.opera.com/support/search/view/863/
http://www.opera.com/support/search/view/864/
http://www.opera.com/docs/changelogs/windows/922/

Solution :

Upgrade to Opera version 9.22 or later.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 8.1
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : false

Family: Windows

Nessus Plugin ID: 25755 ()

Bugtraq ID: 24352
24917
24970

CVE ID: CVE-2007-3142
CVE-2007-3819
CVE-2007-3929

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now