Opera < 11.11 Multiple Vulnerabilities

high Nessus Network Monitor Plugin ID 5925

Synopsis

The remote host has a web browser installed that is affected by a memory corruption vulnerability.

Description

The remote host is running the Opera web browser.

Versions of Opera earlier than 11.11 are potentially affected by multiple vulnerabilities. An attacker could craft a web page that will trigger the vulnerability which may allow arbitrary code execution subject to the privileges of the user running the affected application. (CVE-2011-2628)
- Several errors exist that can cause application crashes. Affected items or functionality include unspecified web content, reloading pages after opening a pop-up from the Easy Sticky Note extension, handling of the column-count CSS property, destruction of a Silverlight instance, the handling of Certificate Revocation Lists (CRL). (CVE-2011-2629, CVE-2011-2630, CVE-2011-2631, CVE-2011-2632, CVE-2011-2633).

Solution

Upgrade to Opera 11.11 or later.

See Also

http://www.opera.com/docs/changelogs/windows/1111

http://www.opera.com/support/kb/view/992

Plugin Details

Severity: High

ID: 5925

Family: Web Clients

Published: 5/19/2011

Updated: 3/6/2019

Nessus ID: 54587

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: High

Base Score: 9.3

Temporal Score: 6.9

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS v3

Risk Factor: High

Base Score: 8.1

Temporal Score: 7.1

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:opera:opera_browser

Patch Publication Date: 5/18/2011

Vulnerability Publication Date: 5/18/2011

Reference Information

CVE: CVE-2011-2628, CVE-2011-2629, CVE-2011-2630, CVE-2011-2631, CVE-2011-2632, CVE-2011-2633

BID: 47906