Opera < 11.52 Multiple Vulnerabilities
High Nessus Plugin ID 56585
SynopsisThe remote host contains a web browser that is affected by multiple vulnerabilities.
DescriptionThe version of Opera installed on the remote Windows host is prior to 11.52. It is, therefore, affected by multiple vulnerabilities :
- An unspecified use-after-free error exists due to improper validation of user-supplied input. A remote attacker can exploit this, via a specially crafted web page, to dereference already freed memory, resulting in a crash of the browser. (CVE-2011-4152)
- An error exists related to the handling of certain font manipulations inside dynamically added or specifically embedded SVG images or SVG content in nested frames. A remote attacker can exploit this to crash the application or execute arbitrary code.
(BID 50044 / Issue #1002)
- Multiple unspecified errors exist that allow an attacker to cause a stack overflow condition, resulting in a browser crash.
SolutionUpgrade to Opera 11.52 or later.