Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.900001
Category:General
Title:Opera for Windows Unspecified Code Execution Vulnerabilities July-08
Summary:The remote host is running Opera Web Browser, which is prone; to multiple vulnerabilities.
Description:Summary:
The remote host is running Opera Web Browser, which is prone
to multiple vulnerabilities.

Vulnerability Insight:
The flaws are due to the way the Web Browser handles certain
canvas functions that can cause the canvas to be painted with very small amounts of data
constructed from random memory, which allows canvas images to be read and analyzed by JavaScript.

Vulnerability Impact:
Successful exploitation could grant the remote attacker
to execute arbitrary malicious code to retrieve random samples of the user's memory, which
may contain sensitive data.

Affected Software/OS:
Opera Version 5 to 9.50 on Windows (All)

Solution:
Upgrade to Opera version 9.51.

CVSS Score:
7.8

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:N/A:N

Cross-Ref: BugTraq ID: 30068
Common Vulnerability Exposure (CVE) ID: CVE-2008-3078
http://www.securityfocus.com/bid/30068
http://secunia.com/advisories/30935
http://secunia.com/advisories/31339
SuSE Security Announcement: SUSE-SR:2008:016 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00001.html
http://www.vupen.com/english/advisories/2008/1997/references
XForce ISS Database: opera-canvas-information-disclosure(43575)
https://exchange.xforce.ibmcloud.com/vulnerabilities/43575
CopyrightCopyright (C) 2008 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2024 E-Soft Inc. All rights reserved.