FreeBSD : opera -- multiple vulnerabilities (2eda0c54-34ab-11e0-8103-00215c6a37bb)

This script is Copyright (C) 2011-2013 Tenable Network Security, Inc.

Synopsis :

The remote FreeBSD host is missing one or more security-related

Description :

Opera reports :

Opera 11.01 is a recommended upgrade offering security and stability

The following security vulnerabilities have been fixed :

- Removed support for 'javascript:' URLs in CSS -o-link values, to
make it easier for sites to filter untrusted CSS.

- Fixed an issue where large form inputs could allow execution of
arbitrary code, as reported by Jordi Chancel; see our advisory.

- Fixed an issue which made it possible to carry out clickjacking
attacks against internal opera: URLs; see our advisory.

- Fixed issues which allowed web pages to gain limited access to files
on the user's computer; see our advisory.

- Fixed an issue where email passwords were not immediately deleted
when deleting private data; see our advisory.

See also :

Solution :

Update the affected packages.

Risk factor :

High / CVSS Base Score : 9.3

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 51928 ()

Bugtraq ID:

CVE ID: CVE-2011-0450

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now