Detections
Analytics

openSUSE Security Update : opera (opera-43)

medium Nessus Plugin ID 40088

Synopsis

The remote openSUSE host is missing a security update.

Description

This patch brings Opera to security update level 9.50

Following security problems were fixed: CVE-2008-2714: Opera before 9.26 allows remote attackers to misrepresent web page addresses using 'certain characters' that 'cause the page address text to be misplaced.'

CVE-2008-2715: Unspecified vulnerability in Opera before 9.5 allows remote attackers to read cross-domain images via HTML CANVAS elements that use the images as patterns.

CVE-2008-2716: Unspecified vulnerability in Opera before 9.5 allows remote attackers to spoof the contents of trusted frames on the same parent page by modifying the location, which can facilitate phishing attacks.

It also contains lots of new features and other bugfixes, see the Changelog at: http://www.opera.com/docs/changelogs/linux/950/

Solution

Update the affected opera package.

See Also

https://help.opera.com/en/latest/

https://bugzilla.novell.com/show_bug.cgi?id=400367

Plugin Details

Severity: Medium

ID: 40088

File Name: suse_11_0_opera-080616.nasl

Version: 1.12

Type: local

Agent: unix

Published: 7/21/2009

Updated: 1/14/2021

Supported Sensors: Frictionless Assessment AWS, Frictionless Assessment Azure, Frictionless Assessment Agent, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.4

CVSS v2

Risk Factor: Medium

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:opera, cpe:/o:novell:opensuse:11.0

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/SuSE/release, Host/SuSE/rpm-list

Patch Publication Date: 6/16/2008

Reference Information

CVE: CVE-2008-2714, CVE-2008-2715, CVE-2008-2716

CWE: 200