Opera < 9.10 Multiple Vulnerabilities

High Log Correlation Engine Plugin ID 800823

Synopsis

The remote host is vulnerable to multiple attack vectors.

Description

The version of Opera installed on the remote host reportedly contains a heap overflow vulnerability that can be triggered when processing the DHT marker in a specially-crafted JPEG image to crash the browser or possibly allow execution of arbitrary code on the affected host. In addition, another flaw in Opera's createSVGTransformFromMatrix object typecasting may lead to a browser crash or arbitrary code execution if support for Javascript is enabled.

Solution

Upgrade to version 9.10 or higher.

See Also

labs.idefense.com/intelligence/vulnerabilities/display.php?id=458

labs.idefense.com/intelligence/vulnerabilities/display.php?id=457

http://.securityfocus.com/archive/1/456053

http://.securityfocus.com/archive/1/456066

http://.opera.com/support/search/supsearch.dml?index=852

http://.opera.com/support/search/supsearch.dml?index=851

Plugin Details

Severity: High

ID: 800823

File Name: 800823.prm

Family: Web Clients

Nessus ID: 23977

Risk Information

Risk Factor: High

CVSSv2

Base Score: 5.4

Temporal Score: 4.7

Vector: CVSS2#AV:A/AC:M/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:H/RL:OF/RC:C

Reference Information

CVE: CVE-2006-4819

BID: 20591, 21882