Opera < 11.61 Multiple Vulnerabilities

This script is Copyright (C) 2012-2016 Tenable Network Security, Inc.


Synopsis :

The remote host contains a web browser that is potentially affected
by multiple vulnerabilities.

Description :

The version of Opera installed on the remote Windows host is earlier
than 11.61 and is, therefore, potentially affected by multiple
vulnerabilities :

- Same-origin policy restriction can be bypassed via
specially crafted web content and HTML frames
manipulation. (Issue #1007)

- An error in local file access restrictions can allow
malicious websites to determine the presence of local
files. Note that the content of local files are not
disclosed and an attacker would need to guess the path
of a file in order to determine if the file is present.
(Issue #1008)

See also :

http://www.opera.com/support/kb/view/1007/
http://www.opera.com/support/kb/view/1008/
http://www.opera.com/docs/changelogs/windows/1161/

Solution :

Upgrade to Opera 11.61 or later.

Risk factor :

Medium / CVSS Base Score : 4.3
(CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N)
CVSS Temporal Score : 3.7
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : true

Family: Windows

Nessus Plugin ID: 57751 ()

Bugtraq ID: 51648

CVE ID:

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now