Detections
Analytics
Opera < 10.53 Asynchronous Content Modification Uninitialized Memory Access
high Nessus Plugin ID 46204
Language:
Synopsis
The remote host contains a web browser that may allow code execution.Description
The version of Opera installed on the remote host is earlier than 10.53. Such versions are potentially affected by the following issue :- Multiple asynchronous calls to a script that modifies document contents can be abused to reference an uninitialized value, leading to an application crash or possibly allowing execution of arbitrary code. (953)
Solution
Upgrade to Opera 10.53 or later.See Also
http://www.nessus.org/u?d143f98e
http://web.archive.org/web/20130225211803/http://www.opera.com/support/kb/view/953/
http://web.archive.org/web/20170829142741/http://www.opera.com/docs/changelogs/windows/1053/
Plugin Details
Severity: High
ID: 46204
File Name: opera_1053.nasl
Version: 1.12
Type: local
Agent: windows
Family: Windows
Published: 4/30/2010
Updated: 11/15/2018
Supported Sensors: Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 6.7
CVSS v2
Risk Factor: High
Base Score: 9.3
Temporal Score: 6.9
Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C
Vulnerability Information
CPE: cpe:/a:opera:opera_browser
Required KB Items: SMB/Opera/Version
Exploit Ease: No known exploits are available
Patch Publication Date: 4/30/2010
Vulnerability Publication Date: 4/27/2010
Reference Information
CVE: CVE-2010-1728
BID: 39855
Secunia: 39590