Opera < 12.11 Multiple Vulnerabilities

High Log Correlation Engine Plugin ID 800861

Synopsis

The remote host has a web browser installed that is vulnerable by multiple vulnerabilities

Description

The remote host is running the Opera web browser.

Versions of Opera earlier than 12.11 are potentially affected by the following vulnerabilities :

- A heap-based buffer overflow error exists related to handling HTTP responses that can lead to application crashes or arbitrary code execution. (1036)

- An issue exists related to the application's error handling that can allow a malicious website to determine the existence of and path to local files. (1037)

Solution

Upgrade to Opera 12.11 or later.

See Also

http://www.opera.com/support/kb/view/1036

http://www.opera.com/support/kb/view/1037

http://www.opera.com/docs/changelogs/unified/1211

Plugin Details

Severity: High

ID: 800861

File Name: 800861.prm

Family: Web Clients

Published: 2012/11/21

Nessus ID: 62984

Risk Information

Risk Factor: High

CVSSv2

Base Score: 9.3

Temporal Score: 6.9

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Vulnerability Information

Patch Publication Date: 2012/11/20

Vulnerability Publication Date: 2012/11/20

Reference Information

BID: 56594