FreeBSD : opera -- multiple vulnerabilities (30c560ff-e0df-11dc-891a-02061b08fc24)

This script is Copyright (C) 2008-2016 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing one or more security-related
updates.

Description :

Opera Software ASA reports about multiple security fixes :

- Fixed an issue where simulated text inputs could trick users into
uploading arbitrary files, as reported by Mozilla.

- Image properties can no longer be used to execute scripts, as
reported by Max Leonov.

- Fixed an issue where the representation of DOM attribute values
could allow cross site scripting, as reported by Arnaud.lb.

See also :

http://www.opera.com/docs/changelogs/freebsd/926/
http://www.opera.com/support/search/view/877/
http://www.opera.com/support/search/view/879/
http://www.opera.com/support/search/view/880/
http://www.nessus.org/u?f4888449

Solution :

Update the affected packages.

Risk factor :

Medium / CVSS Base Score : 6.8
(CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P)

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 31154 (freebsd_pkg_30c560ffe0df11dc891a02061b08fc24.nasl)

Bugtraq ID:

CVE ID: CVE-2008-1080
CVE-2008-1081

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now