Detections
Analytics
Opera < 12.12 Multiple Vulnerabilities
high Nessus Plugin ID 63301
Language:
Synopsis
The remote host contains a web browser that is affected by multiple vulnerabilities.Description
The version of Opera installed on the remote host is earlier than 12.12 and is, therefore, reportedly affected by the following vulnerabilities :- An error exists related to GIF image file handling that can allow heap memory corruption and can lead to application crashes or arbitrary code execution. (1038)
- An error exists related to URL handling and the address bar that can allow rapid, repeated web requests to cause the incorrect URL to be displayed. (1040)
Solution
Upgrade to Opera 12.12 or later.See Also
https://seclists.org/fulldisclosure/2012/Dec/54
http://www.opera.com/support/kb/view/1038/
http://web.archive.org/web/20130224012703/http://www.opera.com/support/kb/view/1040/
http://web.archive.org/web/20170907143134/http://www.opera.com:80/docs/changelogs/unified/1212/
Plugin Details
Severity: High
ID: 63301
File Name: opera_1212.nasl
Version: 1.5
Type: local
Agent: windows
Family: Windows
Published: 12/19/2012
Updated: 11/15/2018
Supported Sensors: Nessus Agent, Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 6.7
CVSS v2
Risk Factor: High
Base Score: 9.3
Temporal Score: 7.3
Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C
Vulnerability Information
CPE: cpe:/a:opera:opera_browser
Required KB Items: SMB/Opera/Version
Exploit Available: true
Exploit Ease: Exploits are available
Patch Publication Date: 12/18/2012
Vulnerability Publication Date: 12/3/2012
Reference Information
CVE: CVE-2012-6470, CVE-2012-6471