FreeBSD : opera -- multiple vulnerabilities (fb84d5dd-9528-11dd-9a00-001999392805)

This script is Copyright (C) 2008-2016 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing one or more security-related
updates.

Description :

Opera reports :

If a malicious page redirects Opera to a specially crafted address
(URL), it can cause Opera to crash. Given sufficient address content,
the crash could cause execution of code controlled by the attacking
page.

Once a Java applet has been cached, if a page can predict the cache
path for that applet, it can load the applet from the cache, causing
it to run in the context of the local machine. This allows it to read
other cache files on the computer or perform other normally more
restrictive actions. These files could contain sensitive information,
which could then be sent to the attacker.

See also :

http://www.opera.com/support/search/view/901/
http://www.opera.com/support/search/view/902/
http://www.nessus.org/u?093c4cb4

Solution :

Update the affected packages.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 34382 (freebsd_pkg_fb84d5dd952811dd9a00001999392805.nasl)

Bugtraq ID:

CVE ID: CVE-2008-4694
CVE-2008-4695

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now