FreeBSD : opera -- multiple vulnerabilities (44224e08-8306-11dc-9283-0016179b2dd5)

This script is Copyright (C) 2007-2014 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing one or more security-related
updates.

Description :

An advisory from Opera reports :

If a user has configured Opera to use an external newsgroup client or
e-mail application, specially crafted Web pages can cause Opera to run
that application incorrectly. In some cases this can lead to execution
of arbitrary code.

When accessing frames from different Websites, specially crafted
scripts can bypass the same-origin policy, and overwrite functions
from those frames. If scripts on the page then run those functions,
this can cause the script of the attacker's choice to run in the
context of the target Website.

See also :

http://www.opera.com/support/search/view/866/
http://www.opera.com/support/search/view/867/
http://www.nessus.org/u?6cb17297

Solution :

Update the affected packages.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 27578 (freebsd_pkg_44224e08830611dc92830016179b2dd5.nasl)

Bugtraq ID:

CVE ID: CVE-2007-5540
CVE-2007-5541

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now