openSUSE Security Update : opera (opera-366)

This script is Copyright (C) 2009-2014 Tenable Network Security, Inc.


Synopsis :

The remote openSUSE host is missing a security update.

Description :

Opera 9.63 fixes the following security problems :

- Manipulating text input contents can allow execution of
arbitrary code

- HTML parsing flaw can cause Opera to execute arbitrary
code.

- Long hostnames in file: URLs can cause execution of
arbitrary code.

- Script injection in feed preview can reveal contents of
unrelated news feeds.

- Built-in XSLT templates can allow cross-site scripting.

- Fixed an issue that could reveal random data.

- SVG images embedded using <img> tags can no longer
execute Java or plugin content.

See also :

https://bugzilla.novell.com/show_bug.cgi?id=459404

Solution :

Update the affected opera package.

Risk factor :

High

Family: SuSE Local Security Checks

Nessus Plugin ID: 40094 ()

Bugtraq ID:

CVE ID:

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now