Opera < 9.24 Multiple Vulnerabilities

High Log Correlation Engine Plugin ID 800827


The remote host contains a web browser that is affected by two vulnerabilities.


The version of Opera installed on the remote host reportedly may allow for arbitrary code execution if it has been configured to use an external news reader or email client and a user views a specially-crafted web page. In addition, it may also allow a script to bypass the same-origin policy and overwrite functions on pages from other domains when processing frames from different web sites, which can be leveraged to conduct cross-site scripting attacks.


Upgrade to version 9.24 or higher.

See Also




Plugin Details

Severity: High

ID: 800827

File Name: 800827.prm

Family: Web Clients

Nessus ID: 27506

Risk Information

Risk Factor: High


Base Score: 5.4

Temporal Score: 4

Vector: CVSS2#AV:A/AC:M/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Reference Information

CVE: CVE-2007-5540, CVE-2007-5541

BID: 26100, 26102