Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (c) 2012 SecPodOPENVAS:902666
HistoryMar 29, 2012 - 12:00 a.m.

Opera Multiple Vulnerabilities - March12 (Windows)

2012-03-2900:00:00
Copyright (c) 2012 SecPod
plugins.openvas.org
9

EPSS

0.018

Percentile

88.3%

JSON

The host is installed with Opera and is prone to multiple
vulnerabilities.

###############################################################################
# OpenVAS Vulnerability Test
# $Id: secpod_opera_mult_vuln_mar12_win.nasl 6022 2017-04-25 12:51:04Z teissa $
#
# Opera Multiple Vulnerabilities - March12 (Windows)
#
# Authors:
# Rachana Shetty <[email protected]>
#
# Copyright:
# Copyright (c) 2012 SecPod, http://www.secpod.com
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################

tag_impact = "Successful exploitation could allow attackers to execute arbitrary code in
  the context of the browser, inject scripts, bypass certain security
  restrictions, conduct spoofing attacks, or cause a denial of service
  condition.
  Impact Level: System/Application";
tag_affected = "Opera version before 11.62 on Windows";
tag_insight = "Multiple flaws are due to
  - An error in web page dialogs handling, which displays the wrong address in
    the address field.
  - An error in history.state, which leaks the state data from cross domain
    pages via history.pushState() and history.replaceState() functions.
  - Fails to ensure that a dialog window is placed on top of content windows,
    allows attackers to trick users into executing downloads.
  - A small window for the download dialog.
  - A timed page reloads and redirects to different domains.";
tag_solution = "Upgrade to the Opera version 11.62 or later,
  For updates refer to http://www.opera.com/download/";
tag_summary = "The host is installed with Opera and is prone to multiple
  vulnerabilities.";

if(description)
{
  script_id(902666);
  script_version("$Revision: 6022 $");
  script_cve_id("CVE-2012-1924",  "CVE-2012-1925", "CVE-2012-1926", "CVE-2012-1927",
                "CVE-2012-1928");
  script_tag(name:"cvss_base", value:"6.8");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:P/I:P/A:P");
  script_tag(name:"last_modification", value:"$Date: 2017-04-25 14:51:04 +0200 (Tue, 25 Apr 2017) $");
  script_tag(name:"creation_date", value:"2012-03-29 19:43:23 +0530 (Thu, 29 Mar 2012)");
  script_name("Opera Multiple Vulnerabilities - March12 (Windows)");
  script_xref(name : "URL" , value : "http://www.opera.com/support/kb/view/1010/");
  script_xref(name : "URL" , value : "http://www.opera.com/support/kb/view/1011/");
  script_xref(name : "URL" , value : "http://www.opera.com/support/kb/view/1012/");
  script_xref(name : "URL" , value : "http://www.opera.com/support/kb/view/1013/");
  script_xref(name : "URL" , value : "http://www.opera.com/support/kb/view/1014/");
  script_xref(name : "URL" , value : "http://www.opera.com/docs/changelogs/windows/1162/");

  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (c) 2012 SecPod");
  script_family("General");
  script_dependencies("secpod_opera_detection_win_900036.nasl");
  script_require_keys("Opera/Win/Version");
  script_tag(name : "impact" , value : tag_impact);
  script_tag(name : "affected" , value : tag_affected);
  script_tag(name : "insight" , value : tag_insight);
  script_tag(name : "solution" , value : tag_solution);
  script_tag(name : "summary" , value : tag_summary);
  script_tag(name:"qod_type", value:"registry");
  script_tag(name:"solution_type", value:"VendorFix");
  exit(0);
}


include("version_func.inc");

## Variable initialization
operaVer = NULL;

operaVer = get_kb_item("Opera/Win/Version");
if(!operaVer){
  exit(0);
}

# Check for opera version < 11.62
if(version_is_less(version:operaVer, test_version:"11.62")){
  security_message(0);
}

Related

nessus 3
openvas 9
suse 1
nvd 6
cve 6
prion 6
cvelist 6
gentoo 1
nessus
nessus
Opera < 11.62 Multiple Vulnerabilities
2012-04-03 00:00:00
openSUSE Security Update : opera (openSUSE-SU-2012:0610-1)
2014-06-13 00:00:00
GLSA-201206-03 : Opera: Multiple vulnerabilities
2012-06-21 00:00:00
openvas
openvas
Opera Multiple Vulnerabilities (Mar 2012) - Windows
2012-03-29 00:00:00
Opera Multiple Vulnerabilities (Mar 2012) - Mac OS X
2012-03-29 00:00:00
Opera Multiple Vulnerabilities - March12 (MacOSX)
2012-03-29 00:00:00
suse
suse
opera to 11.62 (important)
2012-05-11 11:08:24
nvd
nvd
CVE-2012-1926
2012-03-28 03:22:10
CVE-2012-1928
2012-03-28 03:22:10
CVE-2012-1925
2012-03-28 03:22:10
cve
cve
CVE-2012-1924
2012-03-28 03:22:10
CVE-2012-1925
2012-03-28 03:22:10
CVE-2012-1926
2012-03-28 03:22:10
prion
prion
Design/Logic Flaw
2012-03-28 03:22:00
Design/Logic Flaw
2012-03-28 03:22:00
Design/Logic Flaw
2012-03-28 03:22:00
cvelist
cvelist
CVE-2012-1925
2012-03-28 01:00:00
CVE-2012-1926
2012-03-28 01:00:00
CVE-2012-1924
2012-03-28 01:00:00
gentoo
gentoo
Opera: Multiple vulnerabilities
2012-06-15 00:00:00

EPSS

0.018

Percentile

88.3%

JSON
Related for OPENVAS:902666
nessus3openvas9suse1nvd6cve6prion6cvelist6gentoo1