Opera < 9.10 Multiple Vulnerabilities

Medium Nessus Network Monitor Plugin ID 3878

Synopsis

The remote host is vulnerable to multiple attack vectors.

Description

The version of Opera installed on the remote host reportedly contains a heap overflow vulnerability that can be triggered when processing the DHT marker in a specially-crafted JPEG image to crash the browser or possibly allow execution of arbitrary code on the affected host. In addition, another flaw in Opera's createSVGTransformFromMatrix object typecasting may lead to a browser crash or arbitrary code execution if support for Javascript is enabled.

Solution

Upgrade to version 9.10 or higher.

See Also

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=458

http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=457

http://www.securityfocus.com/archive/1/456053

http://www.securityfocus.com/archive/1/456066

http://www.opera.com/support/search/supsearch.dml?index=852

http://www.opera.com/support/search/supsearch.dml?index=851

Plugin Details

Severity: Medium

ID: 3878

Family: Web Clients

Published: 2007/01/08

Modified: 2016/01/21

Dependencies: 1735, 8314

Nessus ID: 23977

Risk Information

Risk Factor: Medium

CVSSv2

Base Score: 5.4

Temporal Score: 4.7

Vector: CVSS2#AV:A/AC:M/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:H/RL:OF/RC:C

CVSSv3

Base Score: 5

Temporal Score: 4.8

Vector: CVSS3#AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

Temporal Vector: CVSS3#E:H/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:opera:opera_browser

Reference Information

CVE: CVE-2006-4819

BID: 20591, 21882