openSUSE 10 Security Update : opera (opera-5354)

Medium Nessus Plugin ID 33224


The remote openSUSE host is missing a security update.


This patch brings Opera to security update level 9.50

Following security problems were fixed: CVE-2008-2714: Opera before 9.26 allows remote attackers to misrepresent web page addresses using 'certain characters' that 'cause the page address text to be misplaced.'

CVE-2008-2715: Unspecified vulnerability in Opera before 9.5 allows remote attackers to read cross-domain images via HTML CANVAS elements that use the images as patterns.

CVE-2008-2716: Unspecified vulnerability in Opera before 9.5 allows remote attackers to spoof the contents of trusted frames on the same parent page by modifying the location, which can facilitate phishing attacks.

It also contains lots of new features and other bugfixes, see the Changelog at:


Update the affected opera package.

See Also

Plugin Details

Severity: Medium

ID: 33224

File Name: suse_opera-5354.nasl

Version: $Revision: 1.7 $

Type: local

Agent: unix

Published: 2008/06/19

Modified: 2014/06/13

Dependencies: 12634

Risk Information

Risk Factor: Medium


Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:opera, cpe:/o:novell:opensuse:10.2, cpe:/o:novell:opensuse:10.3

Required KB Items: Host/local_checks_enabled, Host/SuSE/release, Host/SuSE/rpm-list, Host/cpu

Patch Publication Date: 2008/06/17

Reference Information

CVE: CVE-2008-2714, CVE-2008-2715, CVE-2008-2716

CWE: 200