Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
gentooGentoo FoundationGLSA-200712-22
HistoryDec 30, 2007 - 12:00 a.m.

Opera: Multiple vulnerabilities

2007-12-3000:00:00
Gentoo Foundation
security.gentoo.org
16

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

EPSS

0.111

Percentile

95.3%

JSON

Background

Opera is a fast Web browser that is available free of charge.

Description

David Bloom reported two vulnerabilities where plug-ins (CVE-2007-6520) and Rich text editing (CVE-2007-6522) could be used to allow cross domain scripting. Alexander Klink (Cynops GmbH) discovered an issue with TLS certificates (CVE-2007-6521). Gynvael Coldwind reported that bitmaps might reveal random data from memory (CVE-2007-6524).

Impact

A remote attacker could exploit these vulnerabilities, possibly leading to the execution of arbitrary code and cross domain scripting.

Workaround

There is no known workaround at this time.

Resolution

All Opera users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=www-client/opera-9.25"
OSVersionArchitecturePackageVersionFilename
Gentooanyallwww-client/opera< 9.25UNKNOWN

Related

freebsd 1
openvas 5
nessus 4
securityvulns 3
suse 1
seebug 1
prion 4
cvelist 4
nvd 4
cve 4
ubuntucve 4
freebsd
freebsd
opera -- multiple vulnerabilities
2007-12-19 00:00:00
openvas
openvas
Gentoo Security Advisory GLSA 200712-22 (opera)
2008-09-24 00:00:00
FreeBSD Ports: opera, opera-devel, linux-opera
2008-09-04 00:00:00
Gentoo Security Advisory GLSA 200712-22 (opera)
2008-09-24 00:00:00
nessus
nessus
FreeBSD : opera -- multiple vulnerabilities (31b045e7-ae75-11dc-a5f9-001a4d49522b)
2007-12-24 00:00:00
GLSA-200712-22 : Opera: Multiple vulnerabilities
2007-12-31 00:00:00
openSUSE 10 Security Update : opera (opera-4858)
2008-01-08 00:00:00
securityvulns
securityvulns
Opera browser multiple security vulnerabilities
2008-01-02 00:00:00
Opera buffer overflow
2008-05-30 00:00:00
[Full-disclosure] Opera - heap based buffer overflow &#40;CVE-2007-6521&#41;
2008-05-30 00:00:00
suse
suse
remote code execution in opera
2008-01-07 17:35:59
seebug
seebug
Opera Web浏览器9.25版本修复多个漏洞
2008-05-30 00:00:00
prion
prion
Design/Logic Flaw
2007-12-24 20:46:00
Cross site scripting
2007-12-24 20:46:00
Cross site scripting
2007-12-24 20:46:00
cvelist
cvelist
CVE-2007-6521
2007-12-24 20:00:00
CVE-2007-6522
2007-12-24 20:00:00
CVE-2007-6520
2007-12-24 20:00:00
nvd
nvd
CVE-2007-6522
2007-12-24 20:46:00
CVE-2007-6521
2007-12-24 20:46:00
CVE-2007-6520
2007-12-24 20:46:00
cve
cve
CVE-2007-6522
2007-12-24 20:46:00
CVE-2007-6521
2007-12-24 20:46:00
CVE-2007-6520
2007-12-24 20:46:00
ubuntucve
ubuntucve
CVE-2007-6522
2007-12-24 00:00:00
CVE-2007-6520
2007-12-24 00:00:00
CVE-2007-6521
2007-12-24 00:00:00

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

EPSS

0.111

Percentile

95.3%

JSON
Related for GLSA-200712-22
freebsd1openvas5nessus4securityvulns3suse1seebug1prion4cvelist4nvd4cve4ubuntucve4