English | Deutsch | Español
 
Inicial ▼
Página inicial Acerca Nuestro Contáctenos Privacidad Programas de Asociados Testimonios En la Prensa Listas de Correos Abuso Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
 
Auditorias ▼
Inicial Dedicada Avanzada Estándar Periódica Sin Riesgo Escritorio Básica Sello FAQ Resumen de Precio/Funciones Ordenar Nuevas Pruebas Todas las Pruebas Confidencialidad Búsqueda de Vulnerabilidad Ejecutar Auditoría Programador IP Permissions Auditorías Personalizadas Cola Recordatorio Sellos Informes Estilos de Informes
DNS
Administrado ▼
Acerca de DNS Ordenar/Renovar Preguntas Frecuentes AUP Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password
Monitoreo
de Redes ▼
Enterprise Avanzado Estándarr Prueba Preguntas Frecuentes Resumen de Precio/Funciones Ordenar Muestras
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Iniciar sesión/Registrarse 
 
 Búsqueda de    
Vulnerabilidad   		     Buscar 324607 Descripciones CVE y
145615 Descripciones de Pruebas,
accesos 10,000+ referencias cruzadas.
Pruebas   CVE   Todos  

ID de Prueba:1.3.6.1.4.1.25623.1.0.68952
Categoría:FreeBSD Local Security Checks
Título:FreeBSD Ports: opera, opera-devel, linux-opera
Resumen:The remote host is missing an update to the system; as announced in the referenced advisory.
Descripción:Summary:
The remote host is missing an update to the system
as announced in the referenced advisory.

Vulnerability Insight:
The following packages are affected:

opera
opera-devel
linux-opera

CVE-2011-0450
The downloads manager in Opera before 11.01 on Windows does not
properly determine the pathname of the filesystem-viewing application,
which allows user-assisted remote attackers to execute arbitrary code
via a crafted web site that hosts an executable file.

CVE-2011-0681
The Cascading Style Sheets (CSS) Extensions for XML implementation in
Opera before 11.01 recognizes links to javascript: URLs in the -o-link
property, which makes it easier for remote attackers to bypass CSS
filtering via a crafted URL.

CVE-2011-0682
Integer truncation error in opera.dll in Opera before 11.01 allows
remote attackers to execute arbitrary code or cause a denial of
service (memory corruption) via an HTML form with a select element
that contains a large number of children.

CVE-2011-0683
Opera before 11.01 does not properly restrict the use of opera: URLs,
which makes it easier for remote attackers to conduct clickjacking
attacks via a crafted web site.

CVE-2011-0684
Opera before 11.01 does not properly handle redirections and
unspecified other HTTP responses, which allows remote web servers to
obtain sufficient access to local files to use these files as page
resources, and consequently obtain potentially sensitive information
from the contents of the files, via an unknown response manipulation.

CVE-2011-0685
The Delete Private Data feature in Opera before 11.01 does not
properly implement the 'Clear all email account passwords' option,
which might allow physically proximate attackers to access an e-mail
account via an unattended workstation.

CVE-2011-0686
Unspecified vulnerability in Opera before 11.01 allows remote
attackers to cause a denial of service (application crash) via unknown
content on a web page, as demonstrated by vkontakte.ru.

CVE-2011-0687
Opera before 11.01 does not properly implement Wireless Application
Protocol (WAP) dropdown lists, which allows user-assisted remote
attackers to cause a denial of service (application crash) via a
crafted WAP document.

Solution:
Update your system with the appropriate patches or
software upgrades.

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2011-0450
http://jvn.jp/en/jp/JVN33880169/index.html
http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-000010.html
http://osvdb.org/70726
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12369
http://secunia.com/advisories/43023
http://www.vupen.com/english/advisories/2011/0231
Common Vulnerability Exposure (CVE) ID: CVE-2011-0681
BugTraq ID: 46036
http://www.securityfocus.com/bid/46036
http://osvdb.org/70727
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12045
Common Vulnerability Exposure (CVE) ID: CVE-2011-0682
https://www.alternativ-testing.fr/blog/index.php?post/2011/[CVE-XXXX-XXXX]-Opera-11-Integer-Truncation-Vulnerability
http://osvdb.org/70728
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12636
Common Vulnerability Exposure (CVE) ID: CVE-2011-0683
http://osvdb.org/70729
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11641
Common Vulnerability Exposure (CVE) ID: CVE-2011-0684
http://osvdb.org/70730
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12296
Common Vulnerability Exposure (CVE) ID: CVE-2011-0685
http://osvdb.org/70731
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12507
XForce ISS Database: opera-passwords-sec-bypass(65018)
https://exchange.xforce.ibmcloud.com/vulnerabilities/65018
Common Vulnerability Exposure (CVE) ID: CVE-2011-0686
http://osvdb.org/70732
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11878
Common Vulnerability Exposure (CVE) ID: CVE-2011-0687
http://osvdb.org/70733
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12563
CopyrightCopyright (C) 2011 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.

Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.



© 1998-2025 E-Soft Inc. Todos los derechos reservados.