Opera < 10.61 Multiple Vulnerabilities

This script is Copyright (C) 2010-2012 Tenable Network Security, Inc.


Synopsis :

The remote host contains a web browser that is affected by multiple
vulnerabilities.

Description :

The version of Opera installed on the remote host is earlier than
10.61. Such versions are potentially affected by the following
issues :

- A heap overflow when performing painting operations on
an HTML5 canvas can result in execution of arbitrary
code. (966)

- An issue with tab focus can be used to obscure a
download dialog that is in another tab. The user can be
tricked into clicking on buttons in the dialog,
resulting in the downloaded file being executed. (967)

- Scripts are not properly removed from certain types of
content in the news feed preview, possibly resulting in
subscription to feeds without the user's consent. (968)

- Loading an animated PNG image may cause high CPU usage
with no response from the browser. (CVE-2010-3021)

- An error exists in the handling of 'SELECT' HTML
elements having a very large 'size' attribute. This
error can allow memory corruption and possibly remote
code execution. (CVE-2011-1824)

See also :

http://www.opera.com/docs/changelogs/windows/1061/
http://www.opera.com/support/kb/view/966/
http://www.opera.com/support/kb/view/967/
http://www.opera.com/support/kb/view/968/
http://www.toucan-system.com/advisories/tssa-2011-02.txt

Solution :

Upgrade to Opera 10.61 or later.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 7.7
(CVSS2#E:F/RL:OF/RC:C)
Public Exploit Available : true

Family: Windows

Nessus Plugin ID: 48317

Bugtraq ID: 42407
47764

CVE ID: CVE-2010-2576
CVE-2010-3019
CVE-2010-3020
CVE-2010-3021
CVE-2011-1824
