High Nessus Plugin ID 24418
SynopsisThe remote host is missing a vendor-supplied security patch
DescriptionThe remote host is missing the patch for the advisory SUSE-SA:2006:038 (opera).
The web browser Opera has been upgraded to version 9.0 to add lots of new features, and to fix the following security problem:
- CVE-2006-3198: An integer overflow vulnerability exists in the Opera Web Browser due to the improper handling of JPEG files.
If excessively large height and width values are specified in certain fields of a JPEG file, an integer overflow may cause Opera to allocate insufficient memory for the image. This will lead to a buffer overflow when the image is loaded into memory, which can be exploited to execute arbitrary code.
- CVE-2006-3331: Opera did not reset the SSL security bar after displaying a download dialog from an SSL-enabled website, which allows remote attackers to spoof a trusted SSL certificate from an untrusted website and facilitates phishing attacks.