Detections
Analytics
Opera < 11.50 Multiple Vulnerabilities
critical Nessus Plugin ID 55470
Language:
Synopsis
The remote host contains a web browser that is affected by multiple vulnerabilities.Description
The version of Opera installed on the remote Windows host is earlier than 11.50 and thus potentially affected by multiple vulnerabilities:- An error exists in the handling of data URIs that allows cross-site scripting in some unspecified cases. (Issue #995)
- An error exists in the browser's handling of error pages. Opera generates error pages in response to an invalid URL. If enough invalid URLs are attempted, the host's disk space is eventually filled, the browser crashes and the error files are left behind. (Issue #996)
- An additional, moderately severe and unspecified error exists. Details regarding this error are to be released in the future. (CVE-2011-2610)
- Several unspecified errors exist that can cause application crashes. Affected items or functionaility are: printing, unspecified web content, JavaScript Array.prototype.join method, drawing paths with many characters, selecting text nodes, iframes, closed or removed pop-up windows, moving audio or video elements between windows, canvas elements, SVG items, CSS files, form layouts, web workers, SVG BiDi, large tables and print preview, select elements with many items, and the src attribute of the iframe element.
(CVE-2011-2611, CVE-2011-2612, CVE-2011-2613, CVE-2011-2614, CVE-2011-2615, CVE-2011-2616, CVE-2011-2617, CVE-2011-2618, CVE-2011-2619, CVE-2011-2620, CVE-2011-2621, CVE-2011-2622, CVE-2011-2623, CVE-2011-2624, CVE-2011-2625, CVE-2011-2626, CVE-2011-2627)
Solution
Upgrade to Opera 11.50 or later.See Also
http://web.archive.org/web/20130223103501/http://www.opera.com/support/kb/view/995/
http://web.archive.org/web/20130223103505/http://www.opera.com/support/kb/view/996/
http://web.archive.org/web/20170912120426/http://www.opera.com/docs/changelogs/windows/1150/
Plugin Details
Severity: Critical
ID: 55470
File Name: opera_1150.nasl
Version: 1.12
Type: local
Agent: windows
Family: Windows
Published: 6/30/2011
Updated: 11/15/2018
Supported Sensors: Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 5.9
CVSS v2
Risk Factor: Critical
Base Score: 10
Temporal Score: 7.4
Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C
Vulnerability Information
CPE: cpe:/a:opera:opera_browser
Required KB Items: SMB/Opera/Version
Exploit Ease: No known exploits are available
Patch Publication Date: 6/28/2011
Vulnerability Publication Date: 6/28/2011
Reference Information
CVE: CVE-2011-1337, CVE-2011-2609, CVE-2011-2610, CVE-2011-2611, CVE-2011-2612, CVE-2011-2613, CVE-2011-2614, CVE-2011-2615, CVE-2011-2616, CVE-2011-2617, CVE-2011-2618, CVE-2011-2619, CVE-2011-2620, CVE-2011-2621, CVE-2011-2622, CVE-2011-2623, CVE-2011-2624, CVE-2011-2625, CVE-2011-2626, CVE-2011-2627
BID: 48500, 48501, 48556, 48568
Secunia: 45060