openSUSE Security Update : opera (openSUSE-SU-2012:1481-1)

This script is Copyright (C) 2014 Tenable Network Security, Inc.


Synopsis :

The remote openSUSE host is missing a security update.

Description :

This Opera 12.10 security update fixes following security issues :

-an issue that could cause Opera not to correctly check for
certificate revocation;

-an issue where CORS requests could incorrectly retrieve contents of
cross origin pages;

-an issue where data URIs could be used to facilitate Cross-Site
Scripting;

-a high severity issue, as reported by Gareth Heyes; details will be
disclosed at a later date

-an issue where specially crafted SVG images could allow execution of
arbitrary code;

-a moderate severity issue, as reported by the Google Security Group;
details will be disclosed at a later date Full changelog available at:
http://www.opera.com/docs/changelogs/unix/1210

See also :

http://lists.opensuse.org/opensuse-updates/2012-11/msg00020.html
http://www.opera.com/docs/changelogs/unix/1210
https://bugzilla.novell.com/show_bug.cgi?id=788321

Solution :

Update the affected opera packages.

Risk factor :

High

Family: SuSE Local Security Checks

Nessus Plugin ID: 74809 ()

Bugtraq ID:

CVE ID:

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now