Opera < 12.17 opera_autoupdate.exe MITM Vulnerability

Medium Nessus Plugin ID 73764


The remote host contains a web browser component that is affected by a man-in-the-middle vulnerability.


The version of Opera installed on the remote host is prior to version 12.17, and thus includes an automatic update-checking component, 'opera_autoupdate.exe', that is vulnerable to man-in-the- middle attacks because it does not properly verify server certificates.


Upgrade to Opera 12.17 or later.

See Also



Plugin Details

Severity: Medium

ID: 73764

File Name: opera_1217.nasl

Version: $Revision: 1.1 $

Type: local

Agent: windows

Family: Windows

Published: 2014/04/29

Modified: 2014/04/30

Dependencies: 21746

Risk Information

Risk Factor: Medium


Base Score: 6.8

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

Vulnerability Information

CPE: cpe:/a:opera:opera_browser

Required KB Items: SMB/Opera/Version

Patch Publication Date: 2014/04/23

Vulnerability Publication Date: 2014/04/23