Detections
Analytics

Opera < 11.52 Multiple Vulnerabilities

high Nessus Network Monitor Plugin ID 6053

Synopsis

The remote host has a web browser installed that is vulnerable to multiple attack vectors.

Description

The remote host is running the Opera web browser.

Versions of Opera earlier than 11.52 are potentially affected by multiple vulnerabilities :

- An error exists in the handling of certain font manipulations inside dynamically added or specifically embedded SVG images or SVG content in nested frames. This error can cause the application to crash and can possibly allow arbitrary code execution. (Issue 1002)

 - Several unspecified error exist that can allow stack overflows leading to browser crashes.

Solution

Upgrade to Opera 11.52 or later.

See Also

http://www.opera.com/support/kb/view/1002

http://www.opera.com/docs/changelogs/windows/1152

http://spa-s3c.blogspot.com/2011/10/spas3c-sv-006opera-browser-101112-0-day.html

http://downloads.securityfocus.com/vulnerabilities/exploits/50044.rb

Plugin Details

Severity: High

ID: 6053

Family: Web Clients

Published: 10/27/2011

Updated: 3/6/2019

Nessus ID: 56585

Risk Information

CVSS v2

Risk Factor: High

Base Score: 9.3

Temporal Score: 7.7

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS v3

Risk Factor: High

Base Score: 7.4

Temporal Score: 6.9

Vector: CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:F/RL:O/RC:X

Vulnerability Information

CPE: cpe:/a:opera:opera_browser

Patch Publication Date: 10/19/2011

Vulnerability Publication Date: 10/10/2011

Reference Information

CVE: CVE-2011-4152

BID: 50044, 50320