Opera < 10.61 Multiple Vulnerabilities

medium Nessus Network Monitor Plugin ID 5626

Synopsis

The remote host has a web browser that is vulnerable to multiple attack vectors.

Description

The remote host is running the Opera web browser.

Versions of Opera earlier than 10.61 are potentially affected by multiple vulnerabilities :

- A heap overflow when performing painting operations on an HTML5 canvas can result in execution of arbitrary code, (KB 966)

- An issue with tab focus is open to an attack where it is used to obscure a download dialog that is in another tab. The user can be tricked into clicking buttons in the dialog, resulting in the downloaded file being executed. (KB 967)

- Certain types of content concerning the news feed preview do not have their scripts removed properly, possibly resulting in subscription of feeds without the user's consent. (KB 968)

Loading an animated PNG image may cause high CPU usage with no response from the browser. (CVE-2010-3021)

A memory corruption issue exists when handling an html page with a very large SIZE parameter in the SELECT tag. (CVE-2011-1824)

Solution

Upgrade to Opera 10.61 or later.

See Also

http://www.opera.com/docs/changelogs/windows/1061

http://www.opera.com/support/kb/view/966

http://www.opera.com/support/kb/view/967

http://www.opera.com/support/kb/view/968

http://secunia.com/secunia_research/2010-110

http://www.toucan-system.com/advisories/tssa-2011-02.txt

Plugin Details

Severity: Medium

ID: 5626

Family: Web Clients

Published: 8/12/2010

Updated: 3/6/2019

Nessus ID: 48317

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Medium

Base Score: 6.8

Temporal Score: 5.6

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

CVSS v3

Risk Factor: Medium

Base Score: 5.6

Temporal Score: 5.2

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:opera:opera_browser

Patch Publication Date: 8/12/2010

Vulnerability Publication Date: 8/12/2010

Reference Information

CVE: CVE-2010-2576, CVE-2010-3019, CVE-2010-3020, CVE-2010-3021, CVE-2011-1824

BID: 42407, 47764