Opera < 12.11 Multiple Vulnerabilities

high Nessus Network Monitor Plugin ID 6621

Synopsis

The remote host has a web browser installed that is vulnerable by multiple vulnerabilities

Description

The remote host is running the Opera web browser.

Versions of Opera earlier than 12.11 are potentially affected by the following vulnerabilities :

- A heap-based buffer overflow error exists related to handling HTTP responses that can lead to application crashes or arbitrary code execution. (1036)

- An issue exists related to the application's error handling that can allow a malicious website to determine the existence of and path to local files. (1037)

Solution

Upgrade to Opera 12.11 or later.

See Also

http://www.opera.com/support/kb/view/1036

http://www.opera.com/support/kb/view/1037

http://www.opera.com/docs/changelogs/unified/1211

Plugin Details

Severity: High

ID: 6621

Family: Web Clients

Published: 11/21/2012

Updated: 3/6/2019

Nessus ID: 62984

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: High

Base Score: 9.3

Temporal Score: 6.9

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS v3

Risk Factor: High

Base Score: 8.1

Temporal Score: 7.1

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:opera:opera_browser

Patch Publication Date: 11/20/2012

Vulnerability Publication Date: 11/20/2012

Reference Information

CVE: CVE-2012-6468, CVE-2012-6469

BID: 56594