Detections
Analytics
Opera < 12.17 opera_autoupdate.exe MITM Vulnerability
medium Nessus Plugin ID 73764
Language:
Synopsis
The remote host contains a web browser component that is affected by a man-in-the-middle vulnerability.Description
The version of Opera installed on the remote host is prior to version 12.17, and thus includes an automatic update-checking component, 'opera_autoupdate.exe', that is vulnerable to man-in-the- middle attacks because it does not properly verify server certificates.Solution
Upgrade to Opera 12.17 or later.See Also
http://web.archive.org/web/20170708033606/http://www.opera.com/docs/changelogs/windows/1217/
https://blogs.opera.com/security/2014/04/heartbleed-heartaches/
Plugin Details
Severity: Medium
ID: 73764
File Name: opera_1217.nasl
Version: 1.2
Type: local
Agent: windows
Family: Windows
Published: 4/29/2014
Updated: 11/15/2018
Supported Sensors: Nessus Agent, Nessus
Risk Information
CVSS v2
Risk Factor: Medium
Base Score: 6.8
Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P
Vulnerability Information
CPE: cpe:/a:opera:opera_browser
Required KB Items: SMB/Opera/Version
Patch Publication Date: 4/23/2014
Vulnerability Publication Date: 4/23/2014