scip AG

NASLDB: GLSA-201206-03 : Opera: Multiple vulnerabilities

General

ID: 59631
Name: GLSA-201206-03 : Opera: Multiple vulnerabilities

Summary: Checks for updated package(s) in /var/db/pkg

Credits: –

Classification

Risk: –

CVSS: –
CVSS Base Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSS Temporal Vector: –

Port: 0
Family: Gentoo Local Security Checks
Type: Local

Description

The remote host is affected by the vulnerability described in GLSA-201206-03
(Opera: Multiple vulnerabilities)

Multiple vulnerabilities have been discovered in Opera. Please review
the CVE identifiers referenced below for details.

Impact :

A remote attacker could entice a user to open a specially crafted web
page, possibly resulting in execution of arbitrary code with the
privileges of the process or a Denial of Service condition. A remote
attacker may be able to: trick users into downloading and executing
arbitrary files, bypass intended access restrictions, spoof trusted
content, spoof URLs, bypass the Same Origin Policy, obtain sensitive
information, force subscriptions to arbitrary feeds, bypass the popup
blocker, bypass CSS filtering, conduct cross-site scripting attacks, or
have other unknown impact.
A local attacker could perform symlink attacks to overwrite arbitrary
files with the privileges of the user running the application or possibly
obtain sensitive information.
A physically proximate attacker may be able to access an email account.

Workaround :

There is no known workaround at this time.

Exploiting

Exploit Available: –
Exploitability Ease: –

Sources

CVE: CVE-2009-1234
OSVDB: –
Bugtraq: –
scipID: –

Timeline

Vulnerability Disclosure: –
Patch Release: 2012/06/15
Plugin Release: 2012/06/21

Plugin

Version: 1.1
Filename: gentoo_GLSA-201206-03.nasl
Filesize: 5689 bytes
MD5 Hash: 368782d068d584a94e1bd1b78dfd0cc1

Identification: Host/local_checks_enabled
Require Keys: Host/local_checks_enabled", "Host/Gentoo/release", "Host/Gentoo/qpkg-list
Dependencies: "ssh_get_info.nasl"

Copyright: This script is Copyright© 2012 Tenable Network Security, Inc.

Letzte Plugins

• Letzte Plugins
  • USN-1611-1 : thunderbird vulnerabilities
  • USN-1610-1 : linux vulnerability
  • USN-1609-1 : linux-ti-omap4 vulnerability
  • SuSE 10 Security Update : PostgreSQL
  • RHSA-2012-1364: bind97
  • RHSA-2012-1363: bind
  • RHSA-2012-1362: thunderbird
  • RHSA-2012-1361: xulrunner
  • Mandriva Linux Security Advisory : graphicsmagick
  • FreeBSD : phpMyAdmin — Multiple XSS due to unescaped HTML output in Trigger, Procedure and Event pages and Fetching the version information from a non-SSL site is vulnerable to a MITM attack

• Archiv
• scip VulDB
• Syndication
  • RSS
  • Twitter