
SecPod ID: 10227
Status: Public Report
Opera Browser Multiple Vulnerabilities
Severity: High
Release Date: 18-12-2008
CVSS Base Score: 9.3 (AV:N/AC:M/Au:NR/C:C/I:C/A:C)
CVSS Temporal Score = 7.3
Impact Level: Application
Affected Software/OS/Device:
- Opera version 9.62 and prior
OpenVAS Plugin ID:
Snort Signature ID:
OVAL ID:
Vulnerability Insight:
Overview:
Opera Browser is prone to Multiple Vulnerabilities.
Description:
These flaws are due to:
- An unspecified error when manipulating certain text-area contents, which can
cause a buffer overflow in the application.
- An error that exists while blocking scripts during a news feed preview, which can
cause disclosure of subscribed news feeds or redirect users
to view arbitrary malicious news feeds.
- An unspecified error within the parsing of certain HTML constructs, which can cause
exploitation of an unexpected DOM change.
- A boundary error in the processing of 'file://' URIs, which can cause a heap-based
buffer overflow by redirecting the browser to view a long 'file://' URI.
Impact:
Successful exploitation will let the attacker execute arbitrary code in the
context of the application, crash the application through a heap buffer overflow,
or cause disclosure of sensitive information about the remote user and host.
CVSS Score Report:
ACCESS_VECTOR = NETWORK
ACCESS_COMPLEXITY = MEDIUM
AUTHENTICATION = NOT_REQUIRED
CONFIDENTIALITY_IMPACT = COMPLETE
INTEGRITY_IMPACT = COMPLETE
AVAILABILITY_IMPACT = COMPLETE
EXPLOITABILITY = PROOF_OF_CONCEPT
REMEDIATION_LEVEL = OFFICIAL_FIX
REPORT_CONFIDENCE = CONFIRMED
CVSS Base Score = 9.3 (AV:N/AC:M/Au:NR/C:C/I:C/A:C)
CVSS Temporal Score = 7.3
Risk factor = High
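Added example (not part of the SecPod advisory): the CVSS v2 base and temporal equations applied to the metrics listed above, so the 9.3 and 7.3 scores can be rechecked from the vector. The weights are the published CVSS v2 constants; treating "NR" as the older spelling of Au:N is an assumption about this advisory's notation, and the function names are illustrative.

```python
# Added example: recompute this advisory's CVSS v2 scores from its metrics.
# Weights are the published CVSS v2 constants. "NR" is accepted as the older
# "not required" spelling of Au:N (an assumption about the advisory's notation).
AV = {"L": 0.395, "A": 0.646, "N": 1.0}
AC = {"H": 0.35, "M": 0.61, "L": 0.71}
AU = {"M": 0.45, "S": 0.56, "N": 0.704, "NR": 0.704}
CIA = {"N": 0.0, "P": 0.275, "C": 0.660}
EXPLOITABILITY = {"UNPROVEN": 0.85, "PROOF_OF_CONCEPT": 0.90,
                  "FUNCTIONAL": 0.95, "HIGH": 1.0, "NOT_DEFINED": 1.0}
REMEDIATION_LEVEL = {"OFFICIAL_FIX": 0.87, "TEMPORARY_FIX": 0.90,
                     "WORKAROUND": 0.95, "UNAVAILABLE": 1.0, "NOT_DEFINED": 1.0}
REPORT_CONFIDENCE = {"UNCONFIRMED": 0.90, "UNCORROBORATED": 0.95,
                     "CONFIRMED": 1.0, "NOT_DEFINED": 1.0}


def parse_vector(vector):
    """Split 'AV:N/AC:M/...' into a dict; reject missing or unknown metrics."""
    metrics = dict(part.split(":", 1) for part in vector.strip("()").split("/"))
    tables = {"AV": AV, "AC": AC, "Au": AU, "C": CIA, "I": CIA, "A": CIA}
    if set(metrics) != set(tables):
        raise ValueError("expected exactly the metrics AV, AC, Au, C, I, A")
    for name, value in metrics.items():
        if value not in tables[name]:
            raise ValueError(f"unknown value {value!r} for metric {name}")
    return metrics


def base_score(vector):
    """CVSS v2 base equation, rounded to one decimal."""
    m = parse_vector(vector)
    impact = 10.41 * (1 - (1 - CIA[m["C"]]) * (1 - CIA[m["I"]]) * (1 - CIA[m["A"]]))
    exploitability = 20 * AV[m["AV"]] * AC[m["AC"]] * AU[m["Au"]]
    f_impact = 0.0 if impact == 0 else 1.176
    return round((0.6 * impact + 0.4 * exploitability - 1.5) * f_impact, 1)


def temporal_score(base, exploitability, remediation_level, report_confidence):
    """CVSS v2 temporal equation: base scaled by the three temporal weights."""
    return round(base * EXPLOITABILITY[exploitability]
                 * REMEDIATION_LEVEL[remediation_level]
                 * REPORT_CONFIDENCE[report_confidence], 1)


if __name__ == "__main__":
    base = base_score("AV:N/AC:M/Au:NR/C:C/I:C/A:C")
    print(base, temporal_score(base, "PROOF_OF_CONCEPT", "OFFICIAL_FIX", "CONFIRMED"))
```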
Fix:
Upgrade to Opera 9.63,
http://www.opera.com/browser/download
References:
http://osvdb.org/49882
http://milw0rm.com/exploits/7135