Buffer overflow : Opera Web Browser Multiple Vulnerabilities (Dec 2008)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.900082

Categoría: Buffer overflow

Título: Opera Web Browser Multiple Vulnerabilities (Dec 2008) - Linux

Resumen: Opera web browser is prone to multiple Vulnerabilities.

Descripción: Summary:
Opera web browser is prone to multiple Vulnerabilities.

Vulnerability Insight:
The flaws are due to

- a buffer overflow error when handling certain text-area contents.

- a memory corruption error when processing certain HTML constructs.

- an input validation error in the feed preview feature when processing URLs.

- an error in the built-in XSLT templates that incorrectly handle escaped
content.

- an error which could be exploited to reveal random data.

- an error when processing SVG images embedded using img tags.

Vulnerability Impact:
Successful remote attack could inject arbitrary code, information disclosure,
execute java or plugin content and can even crash the application.

Affected Software/OS:
Opera version prior to 9.63 on Linux.

Solution:
Upgrade to Opera 9.63.

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2008-5679
Bugtraq: 20081217 n.runs-SA-2008.010 - Opera HTML parsing Code Execution (Google Search)
http://www.securityfocus.com/archive/1/499315/100/0/threaded
http://security.gentoo.org/glsa/glsa-200903-30.xml
http://www.nruns.com/security_advisory_opera_html_parsing_code_execution.php
http://www.securitytracker.com/id?1021460
http://secunia.com/advisories/34294
http://securityreason.com/securityalert/4791
Common Vulnerability Exposure (CVE) ID: CVE-2008-5680
Bugtraq: 20081118 Re: Re: Re: Opera 9.6x file:// overflow (Google Search)
http://www.securityfocus.com/archive/1/498452/100/0/threaded
Bugtraq: 20081119 Re: Opera 9.6x file:// overflow (Google Search)
http://www.securityfocus.com/archive/1/498481/100/0/threaded
Bugtraq: 20081119 Re: Re: Re: Re: Opera 9.6x file:// overflow (Google Search)
http://www.securityfocus.com/archive/1/498499/100/0/threaded
Bugtraq: 20081119 Re: Re: Re: Re: Re: Opera 9.6x file:// overflow (Google Search)
http://www.securityfocus.com/archive/1/498517/100/0/threaded
Bugtraq: 20081120 Re: Re: Re: Re: Re: Re: Opera 9.6x file:// overflow (Google Search)
http://www.securityfocus.com/archive/1/498543/100/0/threaded
http://www.securitytracker.com/id?1021456
http://securitytracker.com/id?1021457
Common Vulnerability Exposure (CVE) ID: CVE-2008-5681
http://www.securitytracker.com/id?1021461
Common Vulnerability Exposure (CVE) ID: CVE-2008-5682
http://osvdb.org/50951
http://www.securitytracker.com/id?1021462
Common Vulnerability Exposure (CVE) ID: CVE-2008-5683
http://securitytracker.com/id?1021459

Copyright Copyright (C) 2008 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.900082
Categoría:	Buffer overflow
Título:	Opera Web Browser Multiple Vulnerabilities (Dec 2008) - Linux
Resumen:	Opera web browser is prone to multiple Vulnerabilities.
Descripción:	Summary: Opera web browser is prone to multiple Vulnerabilities. Vulnerability Insight: The flaws are due to - a buffer overflow error when handling certain text-area contents. - a memory corruption error when processing certain HTML constructs. - an input validation error in the feed preview feature when processing URLs. - an error in the built-in XSLT templates that incorrectly handle escaped content. - an error which could be exploited to reveal random data. - an error when processing SVG images embedded using img tags. Vulnerability Impact: Successful remote attack could inject arbitrary code, information disclosure, execute java or plugin content and can even crash the application. Affected Software/OS: Opera version prior to 9.63 on Linux. Solution: Upgrade to Opera 9.63. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2008-5679 Bugtraq: 20081217 n.runs-SA-2008.010 - Opera HTML parsing Code Execution (Google Search) http://www.securityfocus.com/archive/1/499315/100/0/threaded http://security.gentoo.org/glsa/glsa-200903-30.xml http://www.nruns.com/security_advisory_opera_html_parsing_code_execution.php http://www.securitytracker.com/id?1021460 http://secunia.com/advisories/34294 http://securityreason.com/securityalert/4791 Common Vulnerability Exposure (CVE) ID: CVE-2008-5680 Bugtraq: 20081118 Re: Re: Re: Opera 9.6x file:// overflow (Google Search) http://www.securityfocus.com/archive/1/498452/100/0/threaded Bugtraq: 20081119 Re: Opera 9.6x file:// overflow (Google Search) http://www.securityfocus.com/archive/1/498481/100/0/threaded Bugtraq: 20081119 Re: Re: Re: Re: Opera 9.6x file:// overflow (Google Search) http://www.securityfocus.com/archive/1/498499/100/0/threaded Bugtraq: 20081119 Re: Re: Re: Re: Re: Opera 9.6x file:// overflow (Google Search) http://www.securityfocus.com/archive/1/498517/100/0/threaded Bugtraq: 20081120 Re: Re: Re: Re: Re: Re: Opera 9.6x file:// overflow (Google Search) http://www.securityfocus.com/archive/1/498543/100/0/threaded http://www.securitytracker.com/id?1021456 http://securitytracker.com/id?1021457 Common Vulnerability Exposure (CVE) ID: CVE-2008-5681 http://www.securitytracker.com/id?1021461 Common Vulnerability Exposure (CVE) ID: CVE-2008-5682 http://osvdb.org/50951 http://www.securitytracker.com/id?1021462 Common Vulnerability Exposure (CVE) ID: CVE-2008-5683 http://securitytracker.com/id?1021459
Copyright	Copyright (C) 2008 Greenbone AG