Opera < 9.64 Multiple Vulnerabilities
High Log Correlation Engine Plugin ID 800824
SynopsisThe remote host is vulnerable to multiple attack vectors.
DescriptionThe version of Opera installed on the remote host is earlier than 9.64 and is reportedly affected by multiple issues :
- A memory corruption vulnerability when processing specially crafted JPEG files could allow an attacker to execute arbitrary code with the privileges of the affected application. (926)
- It may be possible for certain plugins to execute arbitrary code in the context of a different domain. An attacker could exploit this to steal authentication credentials as well as carry out other attacks.
- A denial of service issue when the application handles a maliciously crafted web page containing 'HTMLSelectElement' object with a large length attribute.
SolutionUpgrade to version 9.64 or higher.