Opera < 11.64 URL Parsing Memory Corruption

This script is Copyright (C) 2012 Tenable Network Security, Inc.


Synopsis :

The remote host contains a web browser that is potentially affected
by a memory corruption vulnerability.

Description :

The version of Opera installed on the remote Windows host is earlier
than 11.64 and is, therefore, potentially affected by a memory
corruption vulnerability.

Certain crafted URLs can cause the application to allocate incorrect
amounts of memory and overwrite unrelated memory. This corruption can
then lead to application crashes or even arbitrary code execution.

See also :

http://www.opera.com/support/kb/view/1016/
http://www.opera.com/docs/changelogs/windows/1164/

Solution :

Upgrade to Opera 11.64 or later.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 6.9
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Windows

Nessus Plugin ID: 59089 ()

Bugtraq ID: 53474

CVE ID: CVE-2012-3561

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now