FreeBSD : opera -- multiple vulnerabilities (2eda0c54-34ab-11e0-8103-00215c6a37bb)

NASLDB: FreeBSD : opera -- multiple vulnerabilities (2eda0c54-34ab-11e0-8103-00215c6a37bb)

General

ID: 51928
Name: FreeBSD : opera — multiple vulnerabilities (2eda0c54-34ab-11e0-8103-00215c6a37bb)

Summary: Checks for updated packages in pkg_info output

Credits: Tenable Network Security, Inc.

Classification

Risk: –

CVSS: –
CVSS Base Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C
CVSS Temporal Vector: –

Port: 0
Family: FreeBSD Local Security Checks
Type: Local

Description

Opera reports :

Opera 11.01 is a recommended upgrade offering security and stability
enhancements.

The following security vulnerabilities have been fixed :

– Removed support for ‘javascript:’ URLs in CSS -o-link values, to
make it easier for sites to filter untrusted CSS.

– Fixed an issue where large form inputs could allow execution of
arbitrary code, as reported by Jordi Chancel; see our advisory.

– Fixed an issue which made it possible to carry out clickjacking
attacks against internal opera: URLs; see our advisory.

– Fixed issues which allowed web pages to gain limited access to files
on the user’s computer; see our advisory.

– Fixed an issue where email passwords were not immediately deleted
when deleting private data; see our advisory.

Exploiting

Exploit Available: –
Exploitability Ease: –

Sources

CVE: CVE-2011-0450
OSVDB: –
Bugtraq: –
scipID: –

Timeline

Vulnerability Disclosure: 2011/01/26
Patch Release: 2011/02/10
Plugin Release: 2011/02/10

Plugin

Version: 1.4
Filename: freebsd_pkg_2eda0c5434ab11e0810300215c6a37bb.nasl
Filesize: 5288 bytes
MD5 Hash: b992b2b7dff34cd2da294d205073d91a

Identification: Host/local_checks_enabled
Require Keys: Host/local_checks_enabled", "Host/FreeBSD/release", "Host/FreeBSD/pkg_info
Dependencies: "ssh_get_info.nasl"

Letzte Plugins

Letzte Plugins

scip AG