Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.900039
Category:General
Title:Opera Web Browser Multiple Security Vulnerabilities Aug-08 (Linux)
Summary:The remote host is running Opera Web Browser, which is prone; to multiple vulnerabilities.
Description:Summary:
The remote host is running Opera Web Browser, which is prone
to multiple vulnerabilities.

Vulnerability Insight:
Multiple vulnerabilities exist in Opera Browser,

- Sites can change framed content on other sites

- Startup crash can allow execution of arbitrary code

- Custom shortcuts can pass the wrong parameters to applications

- Insecure pages can show incorrect security information

- Feed links can link to local files

- Feed subscription can cause the wrong page address to be displayed

Vulnerability Impact:
Remote exploitation will allow browser to crash, can potentially
execute arbitrary code, cross site scripting attacks, and can even change the address field to
the address of the malicious web page to mislead a user.

Affected Software/OS:
Opera Version 9.51 and prior versions on Linux (All)

Solution:
Upgrade to Opera version 9.52.

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:P/A:N

Cross-Ref: BugTraq ID: 30768
Common Vulnerability Exposure (CVE) ID: CVE-2008-4195
http://www.securityfocus.com/bid/30768
http://security.gentoo.org/glsa/glsa-200811-01.xml
http://www.openwall.com/lists/oss-security/2008/09/19/2
http://www.openwall.com/lists/oss-security/2008/09/24/4
http://www.securitytracker.com/id?1020718
http://secunia.com/advisories/31549
http://secunia.com/advisories/32538
http://www.vupen.com/english/advisories/2008/2416
XForce ISS Database: opera-frameaddress-spoofing(44549)
https://exchange.xforce.ibmcloud.com/vulnerabilities/44549
CopyrightCopyright (C) 2008 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2024 E-Soft Inc. All rights reserved.