FreeBSD : opera -- multiple vulnerabilities (44224e08-8306-11dc-9283-0016179b2dd5)

High Nessus Plugin ID 27578


The remote FreeBSD host is missing one or more security-related updates.


An advisory from Opera reports :

If a user has configured Opera to use an external newsgroup client or e-mail application, specially crafted Web pages can cause Opera to run that application incorrectly. In some cases this can lead to execution of arbitrary code.

When accessing frames from different Websites, specially crafted scripts can bypass the same-origin policy, and overwrite functions from those frames. If scripts on the page then run those functions, this can cause the script of the attacker's choice to run in the context of the target Website.


Update the affected packages.

See Also

Plugin Details

Severity: High

ID: 27578

File Name: freebsd_pkg_44224e08830611dc92830016179b2dd5.nasl

Version: $Revision: 1.13 $

Type: local

Published: 2007/10/26

Modified: 2014/04/04

Dependencies: 12634

Risk Information

Risk Factor: High


Base Score: 9.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:linux-opera, p-cpe:/a:freebsd:freebsd:opera, p-cpe:/a:freebsd:freebsd:opera-devel, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 2007/10/25

Vulnerability Publication Date: 2007/10/17

Reference Information

CVE: CVE-2007-5540, CVE-2007-5541

Secunia: 27277

CWE: 20