openSUSE Security Update : Opera (openSUSE-SU-2013:0273-2)

This script is Copyright (C) 2014-2015 Tenable Network Security, Inc.


Synopsis :

The remote openSUSE host is missing a security update.

Description :

Opera 12.13 is a recommended upgrade offering security and stability
enhancements.

-fixed an issue where Opera gets internal communication errors on
Facebook

-fixed an issue where no webpages load on startup, if Opera
is disconnected from the Internet

-fixed an issue where images will not load after back
navigation, when a site uses the HTML5 history API
(deviantart.com)

-improved protection against hijacking of the default search,
including a one-time reset

-fixed an issue where DOM events manipulation might be used to execute
arbitrary code;

-fixed an issue where use of SVG clipPaths could allow
execution of arbitrary code;

-fixed a low severity security issue; details will be
disclosed at a later date

-fixed an issue where CORS requests could omit the preflight
request;

Also check out http://www.opera.com/docs/changelogs/unix/1213

See also :

http://lists.opensuse.org/opensuse-updates/2013-02/msg00025.html
http://lists.opensuse.org/opensuse-updates/2013-02/msg00088.html
http://www.opera.com/docs/changelogs/unix/1213
https://bugzilla.novell.com/show_bug.cgi?id=801233

Solution :

Update the affected Opera packages.

Risk factor :

High / CVSS Base Score : 7.1
(CVSS2#AV:N/AC:M/Au:N/C:C/I:N/A:N)
CVSS Temporal Score : 6.7
(CVSS2#E:F/RL:ND/RC:ND)
Public Exploit Available : true

Family: SuSE Local Security Checks

Nessus Plugin ID: 74884 ()

Bugtraq ID:

CVE ID:

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now