Detections
Analytics

Opera < 11.50 Multiple Vulnerabilities

critical Nessus Plugin ID 55470

Language:

Synopsis

The remote host contains a web browser that is affected by multiple vulnerabilities.

Description

The version of Opera installed on the remote Windows host is earlier than 11.50 and thus potentially affected by multiple vulnerabilities:

 - An error exists in the handling of data URIs that allows cross-site scripting in some unspecified cases. (Issue #995)

 - An error exists in the browser's handling of error pages. Opera generates error pages in response to an invalid URL. If enough invalid URLs are attempted, the host's disk space is eventually filled, the browser crashes and the error files are left behind. (Issue #996)

 - An additional, moderately severe and unspecified error exists. Details regarding this error are to be released in the future. (CVE-2011-2610)

 - Several unspecified errors exist that can cause application crashes. Affected items or functionaility are: printing, unspecified web content, JavaScript Array.prototype.join method, drawing paths with many characters, selecting text nodes, iframes, closed or removed pop-up windows, moving audio or video elements between windows, canvas elements, SVG items, CSS files, form layouts, web workers, SVG BiDi, large tables and print preview, select elements with many items, and the src attribute of the iframe element.
 (CVE-2011-2611, CVE-2011-2612, CVE-2011-2613, CVE-2011-2614, CVE-2011-2615, CVE-2011-2616, CVE-2011-2617, CVE-2011-2618, CVE-2011-2619, CVE-2011-2620, CVE-2011-2621, CVE-2011-2622, CVE-2011-2623, CVE-2011-2624, CVE-2011-2625, CVE-2011-2626, CVE-2011-2627)

Solution

Upgrade to Opera 11.50 or later.

See Also

http://www.nessus.org/u?7e8c7212

http://www.nessus.org/u?27e7d58d

http://www.nessus.org/u?5d82d9dc

Plugin Details

Severity: Critical

ID: 55470

File Name: opera_1150.nasl

Version: 1.13

Type: Local

Agent: windows

Family: Windows

Published: 6/30/2011

Updated: 5/27/2026

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2011-2627

Vulnerability Information

CPE: cpe:/a:opera:opera_browser

Required KB Items: installed_sw/Opera

Exploit Ease: No known exploits are available

Patch Publication Date: 6/28/2011

Vulnerability Publication Date: 6/28/2011

Reference Information

CVE: CVE-2011-1337, CVE-2011-2609, CVE-2011-2610, CVE-2011-2611, CVE-2011-2612, CVE-2011-2613, CVE-2011-2614, CVE-2011-2615, CVE-2011-2616, CVE-2011-2617, CVE-2011-2618, CVE-2011-2619, CVE-2011-2620, CVE-2011-2621, CVE-2011-2622, CVE-2011-2623, CVE-2011-2624, CVE-2011-2625, CVE-2011-2626, CVE-2011-2627

BID: 48500, 48501, 48556, 48568

Secunia: 45060