Detections
Analytics

Opera < 11 Multiple Vulnerabilities

high Nessus Plugin ID 51343

Language:

Synopsis

The remote host contains a web browser that is affected by multiple vulnerabilities

Description

The version of Opera installed on the remote host is earlier than 11.00. Such versions are potentially affected by the following issues :

 - An error exists such that web page content can be displayed over dialog boxes leading to security warning misrepresentation. (977, CVE-2010-4579)

 - An error exists such that WAP form contents can be leaked to third-party sites. (979, CVE-2010-4580)

 - An unspecified high severity issue with unknown impact exists. (CVE-2010-4581)

 - An error exists in the handling of security policies during extension updates. (CVE-2010-4582)

 - An error exists when 'Opera Turbo' is enabled that does not display a page's security information correctly. (CVE-2010-4583)

 - An error exists when viewing sites over HTTPS such that problems with X.509 certificates are not displayed properly. (CVE-2010-4584)

 - An error exists in the automatic update functionality that allows an attacker to cause a denial of service by crashing the application. (CVE-2010-4585)

 - The 'WebSockets' implementation contains unspecified errors with unknown impact. (CVE-2010-4586)

 - An error exists in the implementation of the 'Insecure Third Party Module' warning messages that results in an unspecified vulnerability. (CVE-2010-4587)

Solution

Upgrade to Opera 11 or later.

See Also

http://www.nessus.org/u?96692176

http://www.nessus.org/u?4c40eedd

http://www.nessus.org/u?e44e26a3

Plugin Details

Severity: High

ID: 51343

File Name: opera_1100.nasl

Version: 1.11

Type: Local

Agent: windows

Family: Windows

Published: 12/17/2010

Updated: 5/27/2026

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: High

Base Score: 9.3

Temporal Score: 6.9

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2010-4587

Vulnerability Information

CPE: cpe:/a:opera:opera_browser

Required KB Items: installed_sw/Opera

Exploit Ease: No known exploits are available

Patch Publication Date: 12/16/2010

Vulnerability Publication Date: 12/16/2010

Reference Information

CVE: CVE-2010-4579, CVE-2010-4580, CVE-2010-4581, CVE-2010-4582, CVE-2010-4583, CVE-2010-4584, CVE-2010-4585, CVE-2010-4586, CVE-2010-4587

BID: 45461

Secunia: 42653