|
|
Family: Windows --> Category: infos
Opera < 9.10 Multiple Vulnerabilities Vulnerability Scan
Vulnerability Scan Summary
Checks version number of Opera
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote host contains a web browser which is susceptible to
multiple issues.
Description :
The version of Opera installed on the remote host reportedly contains
a heap overflow vulnerability that can be triggered when processing
the DHT marker in a specially-crafted JPEG image to crash the browser
or possibly allow execution of arbitrary code on the affected host.
In addition, another flaw in Opera's createSVGTransformFromMatrix
object typecasting may lead to a browser crash or arbitrary code
execution if support for Javascript is enabled.
See also :
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=458
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=457
http://www.securityfocus.com/archive/1/456053
http://www.securityfocus.com/archive/1/456066
http://www.opera.com/support/search/supsearch.dml?index=851
http://www.opera.com/support/search/supsearch.dml?index=852
Solution :
Upgrade to Opera version 9.10 or later.
Threat Level:
High / CVSS Base Score : 8.0
(AV:R/AC:H/Au:NR/C:C/I:C/A:C/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|
