Opera < 7.0.3 Multiple Vulnerabilities

High Nessus Network Monitor Plugin ID 1764

Synopsis

The remote host is using a vulnerable version of the Opera browser.

Description

The remote host is using Opera. The version installed is vulnerable to various security flaws, ranging from cross-site scripting to buffer overflows. To exploit them, an attacker would need to set up a rogue web site, then lure a user of this host visit it using Opera. An attacker would then be able to execute arbitrary code on this host.

Solution

Install Opera 7.0.3 or higher.

See Also

http://www.opera.com/docs/changelogs/windows/703

Plugin Details

Severity: High

ID: 1764

File Name: 1764.prm

Family: Web Clients

Published: 2004/08/20

Modified: 2016/12/06

Dependencies: 1735, 8314

Nessus ID: 11404

Risk Information

Risk Factor: High

CVSSv2

Base Score: 9.3

Temporal Score: 7.7

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

CVSSv3

Base Score: 8.1

Temporal Score: 7.5

Vector: CVSS3#AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS3#E:F/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:opera:opera_browser

Reference Information

CVE: CVE-2002-2414, CVE-2003-1420, CVE-2003-1387, CVE-2003-1397

BID: 7056, 6962, 6811, 6814, 6754, 6755, 6756, 6757, 6759, 6218