DATABASE RESOURCES PRICING ABOUT US

{"id": "CVE-2011-4065", "vendorId": null, "type": "cve", "bulletinFamily": "NVD", "title": "CVE-2011-4065", "description": "This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.", "published": "2022-02-25T22:57:45", "modified": "2022-02-25T22:57:45", "cvss": {}, "cvss2": {}, "cvss3": {}, "href": "", "reporter": "candidate", "references": [], "cvelist": [], "immutableFields": [], "lastseen": "2022-02-25T22:57:45", "viewCount": 9, "enchantments": {"dependencies": {"references": [{"type": "gentoo", "idList": ["GLSA-201206-03"]}, {"type": "nessus", "idList": ["GENTOO_GLSA-201206-03.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:136141256231071547", "OPENVAS:71547"]}], "rev": 4}, "score": {"value": 1.5, "vector": "NONE"}, "backreferences": {"references": [{"type": "gentoo", "idList": ["GLSA-201206-03"]}, {"type": "nessus", "idList": ["GENTOO_GLSA-201206-03.NASL"]}, {"type": "openvas", "idList": ["OPENVAS:71547"]}]}, "vulnersScore": 1.5}, "_state": {"dependencies": 1647589307, "score": 1659757587, "epss": 1679179052}, "_internal": {}, "cpe": [], "cpe23": [], "cwe": [], "affectedSoftware": [], "affectedConfiguration": [], "cpeConfiguration": {}, "extraReferences": [], "product_info": []}

{"nessus": [{"lastseen": "2023-01-11T14:24:35", "description": "The remote host is affected by the vulnerability described in GLSA-201206-03 (Opera: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Opera. Please review the CVE identifiers referenced below for details.\n Impact :\n\n A remote attacker could entice a user to open a specially crafted web page, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition. A remote attacker may be able to: trick users into downloading and executing arbitrary files, bypass intended access restrictions, spoof trusted content, spoof URLs, bypass the Same Origin Policy, obtain sensitive information, force subscriptions to arbitrary feeds, bypass the popup blocker, bypass CSS filtering, conduct cross-site scripting attacks, or have other unknown impact.\n A local attacker could perform symlink attacks to overwrite arbitrary files with the privileges of the user running the application or possibly obtain sensitive information.\n A physically proximate attacker may be able to access an email account.\n Workaround :\n\n There is no known workaround at this time.", "cvss3": {}, "published": "2012-06-21T00:00:00", "type": "nessus", "title": "GLSA-201206-03 : Opera: Multiple vulnerabilities", "bulletinFamily": "scanner", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": true, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-1234", "CVE-2009-2059", "CVE-2009-2063", "CVE-2009-2067", "CVE-2009-2070", "CVE-2009-3013", "CVE-2009-3044", "CVE-2009-3045", "CVE-2009-3046", "CVE-2009-3047", "CVE-2009-3048", "CVE-2009-3049", "CVE-2009-3831", "CVE-2009-4071", "CVE-2009-4072", "CVE-2010-0653", "CVE-2010-1349", "CVE-2010-1989", "CVE-2010-1993", "CVE-2010-2121", "CVE-2010-2421", "CVE-2010-2455", "CVE-2010-2576", "CVE-2010-2658", "CVE-2010-2659", "CVE-2010-2660", "CVE-2010-2661", "CVE-2010-2662", "CVE-2010-2663", "CVE-2010-2664", "CVE-2010-2665", "CVE-2010-3019", "CVE-2010-3020", "CVE-2010-3021", "CVE-2010-4579", "CVE-2010-4580", "CVE-2010-4581", "CVE-2010-4582", "CVE-2010-4583", "CVE-2010-4584", "CVE-2010-4585", "CVE-2010-4586", "CVE-2011-0681", "CVE-2011-0682", "CVE-2011-0683", "CVE-2011-0684", "CVE-2011-0685", "CVE-2011-0686", "CVE-2011-0687", "CVE-2011-1337", "CVE-2011-1824", "CVE-2011-2609", "CVE-2011-2610", "CVE-2011-2611", "CVE-2011-2612", "CVE-2011-2613", "CVE-2011-2614", "CVE-2011-2615", "CVE-2011-2616", "CVE-2011-2617", "CVE-2011-2618", "CVE-2011-2619", "CVE-2011-2620", "CVE-2011-2621", "CVE-2011-2622", "CVE-2011-2623", "CVE-2011-2624", "CVE-2011-2625", "CVE-2011-2626", "CVE-2011-2627", "CVE-2011-2628", "CVE-2011-2629", "CVE-2011-2630", "CVE-2011-2631", "CVE-2011-2632", "CVE-2011-2633", "CVE-2011-2634", "CVE-2011-2635", "CVE-2011-2636", "CVE-2011-2637", "CVE-2011-2638", "CVE-2011-2639", "CVE-2011-2640", "CVE-2011-2641", "CVE-2011-3388", "CVE-2011-4065", "CVE-2011-4681", "CVE-2011-4682", "CVE-2011-4683", "CVE-2012-1924", "CVE-2012-1925", "CVE-2012-1926", "CVE-2012-1927", "CVE-2012-1928", "CVE-2012-1930", "CVE-2012-1931", "CVE-2012-3555", "CVE-2012-3556", "CVE-2012-3557", "CVE-2012-3558", "CVE-2012-3560", "CVE-2012-3561"], "modified": "2021-01-06T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:opera", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-201206-03.NASL", "href": "https://www.tenable.com/plugins/nessus/59631", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201206-03.\n#\n# The advisory text is Copyright (C) 2001-2019 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(59631);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2009-1234\", \"CVE-2009-2059\", \"CVE-2009-2063\", \"CVE-2009-2067\", \"CVE-2009-2070\", \"CVE-2009-3013\", \"CVE-2009-3044\", \"CVE-2009-3045\", \"CVE-2009-3046\", \"CVE-2009-3047\", \"CVE-2009-3048\", \"CVE-2009-3049\", \"CVE-2009-3831\", \"CVE-2009-4071\", \"CVE-2009-4072\", \"CVE-2010-0653\", \"CVE-2010-1349\", \"CVE-2010-1989\", \"CVE-2010-1993\", \"CVE-2010-2121\", \"CVE-2010-2421\", \"CVE-2010-2455\", \"CVE-2010-2576\", \"CVE-2010-2658\", \"CVE-2010-2659\", \"CVE-2010-2660\", \"CVE-2010-2661\", \"CVE-2010-2662\", \"CVE-2010-2663\", \"CVE-2010-2664\", \"CVE-2010-2665\", \"CVE-2010-3019\", \"CVE-2010-3020\", \"CVE-2010-3021\", \"CVE-2010-4579\", \"CVE-2010-4580\", \"CVE-2010-4581\", \"CVE-2010-4582\", \"CVE-2010-4583\", \"CVE-2010-4584\", \"CVE-2010-4585\", \"CVE-2010-4586\", \"CVE-2011-0681\", \"CVE-2011-0682\", \"CVE-2011-0683\", \"CVE-2011-0684\", \"CVE-2011-0685\", \"CVE-2011-0686\", \"CVE-2011-0687\", \"CVE-2011-1337\", \"CVE-2011-1824\", \"CVE-2011-2609\", \"CVE-2011-2610\", \"CVE-2011-2611\", \"CVE-2011-2612\", \"CVE-2011-2613\", \"CVE-2011-2614\", \"CVE-2011-2615\", \"CVE-2011-2616\", \"CVE-2011-2617\", \"CVE-2011-2618\", \"CVE-2011-2619\", \"CVE-2011-2620\", \"CVE-2011-2621\", \"CVE-2011-2622\", \"CVE-2011-2623\", \"CVE-2011-2624\", \"CVE-2011-2625\", \"CVE-2011-2626\", \"CVE-2011-2627\", \"CVE-2011-2628\", \"CVE-2011-2629\", \"CVE-2011-2630\", \"CVE-2011-2631\", \"CVE-2011-2632\", \"CVE-2011-2633\", \"CVE-2011-2634\", \"CVE-2011-2635\", \"CVE-2011-2636\", \"CVE-2011-2637\", \"CVE-2011-2638\", \"CVE-2011-2639\", \"CVE-2011-2640\", \"CVE-2011-2641\", \"CVE-2011-3388\", \"CVE-2011-4065\", \"CVE-2011-4681\", \"CVE-2011-4682\", \"CVE-2011-4683\", \"CVE-2012-1924\", \"CVE-2012-1925\", \"CVE-2012-1926\", \"CVE-2012-1927\", \"CVE-2012-1928\", \"CVE-2012-1930\", \"CVE-2012-1931\", \"CVE-2012-3555\", \"CVE-2012-3556\", \"CVE-2012-3557\", \"CVE-2012-3558\", \"CVE-2012-3560\", \"CVE-2012-3561\");\n script_xref(name:\"GLSA\", value:\"201206-03\");\n\n script_name(english:\"GLSA-201206-03 : Opera: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201206-03\n(Opera: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Opera. Please review\n the CVE identifiers referenced below for details.\n \nImpact :\n\n A remote attacker could entice a user to open a specially crafted web\n page, possibly resulting in execution of arbitrary code with the\n privileges of the process or a Denial of Service condition. A remote\n attacker may be able to: trick users into downloading and executing\n arbitrary files, bypass intended access restrictions, spoof trusted\n content, spoof URLs, bypass the Same Origin Policy, obtain sensitive\n information, force subscriptions to arbitrary feeds, bypass the popup\n blocker, bypass CSS filtering, conduct cross-site scripting attacks, or\n have other unknown impact.\n A local attacker could perform symlink attacks to overwrite arbitrary\n files with the privileges of the user running the application or possibly\n obtain sensitive information.\n A physically proximate attacker may be able to access an email account.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201206-03\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Opera users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=www-client/opera-12.00.1467'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_set_attribute(attribute:\"exploited_by_malware\", value:\"true\");\n script_cwe_id(16, 20, 79, 94, 264, 287, 310);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:opera\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/04/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/06/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/06/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2012-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"www-client/opera\", unaffected:make_list(\"ge 12.00.1467\"), vulnerable:make_list(\"lt 12.00.1467\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Opera\");\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "gentoo": [{"lastseen": "2022-01-17T19:12:53", "description": "### Background\n\nOpera is a fast web browser that is available free of charge.\n\n### Description\n\nMultiple vulnerabilities have been discovered in Opera. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA remote attacker could entice a user to open a specially crafted web page, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition. A remote attacker may be able to: trick users into downloading and executing arbitrary files, bypass intended access restrictions, spoof trusted content, spoof URLs, bypass the Same Origin Policy, obtain sensitive information, force subscriptions to arbitrary feeds, bypass the popup blocker, bypass CSS filtering, conduct cross-site scripting attacks, or have other unknown impact. \n\nA local attacker could perform symlink attacks to overwrite arbitrary files with the privileges of the user running the application or possibly obtain sensitive information. \n\nA physically proximate attacker may be able to access an email account. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Opera users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=www-client/opera-12.00.1467\"", "cvss3": {}, "published": "2012-06-15T00:00:00", "type": "gentoo", "title": "Opera: Multiple vulnerabilities", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 10.0, "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": true, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-1234", "CVE-2009-2059", "CVE-2009-2063", "CVE-2009-2067", "CVE-2009-2070", "CVE-2009-3013", "CVE-2009-3044", "CVE-2009-3045", "CVE-2009-3046", "CVE-2009-3047", "CVE-2009-3048", "CVE-2009-3049", "CVE-2009-3831", "CVE-2009-4071", "CVE-2009-4072", "CVE-2010-0653", "CVE-2010-1349", "CVE-2010-1989", "CVE-2010-1993", "CVE-2010-2121", "CVE-2010-2421", "CVE-2010-2455", "CVE-2010-2576", "CVE-2010-2658", "CVE-2010-2659", "CVE-2010-2660", "CVE-2010-2661", "CVE-2010-2662", "CVE-2010-2663", "CVE-2010-2664", "CVE-2010-2665", "CVE-2010-3019", "CVE-2010-3020", "CVE-2010-3021", "CVE-2010-4579", "CVE-2010-4580", "CVE-2010-4581", "CVE-2010-4582", "CVE-2010-4583", "CVE-2010-4584", "CVE-2010-4585", "CVE-2010-4586", "CVE-2011-0681", "CVE-2011-0682", "CVE-2011-0683", "CVE-2011-0684", "CVE-2011-0685", "CVE-2011-0686", "CVE-2011-0687", "CVE-2011-1337", "CVE-2011-1824", "CVE-2011-2609", "CVE-2011-2610", "CVE-2011-2611", "CVE-2011-2612", "CVE-2011-2613", "CVE-2011-2614", "CVE-2011-2615", "CVE-2011-2616", "CVE-2011-2617", "CVE-2011-2618", "CVE-2011-2619", "CVE-2011-2620", "CVE-2011-2621", "CVE-2011-2622", "CVE-2011-2623", "CVE-2011-2624", "CVE-2011-2625", "CVE-2011-2626", "CVE-2011-2627", "CVE-2011-2628", "CVE-2011-2629", "CVE-2011-2630", "CVE-2011-2631", "CVE-2011-2632", "CVE-2011-2633", "CVE-2011-2634", "CVE-2011-2635", "CVE-2011-2636", "CVE-2011-2637", "CVE-2011-2638", "CVE-2011-2639", "CVE-2011-2640", "CVE-2011-2641", "CVE-2011-3388", "CVE-2011-4065", "CVE-2011-4681", "CVE-2011-4682", "CVE-2011-4683", "CVE-2012-1924", "CVE-2012-1925", "CVE-2012-1926", "CVE-2012-1927", "CVE-2012-1928", "CVE-2012-1930", "CVE-2012-1931", "CVE-2012-3555", "CVE-2012-3556", "CVE-2012-3557", "CVE-2012-3558", "CVE-2012-3560", "CVE-2012-3561"], "modified": "2012-06-15T00:00:00", "id": "GLSA-201206-03", "href": "https://security.gentoo.org/glsa/201206-03", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "openvas": [{"lastseen": "2017-07-24T12:50:36", "description": "The remote host is missing updates announced in\nadvisory GLSA 201206-03.", "cvss3": {}, "published": "2012-08-10T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201206-03 (Opera)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2626", "CVE-2011-2623", "CVE-2011-0685", "CVE-2012-3557", "CVE-2011-0684", "CVE-2009-4071", "CVE-2009-1234", "CVE-2012-1924", "CVE-2012-3556", "CVE-2011-2618", "CVE-2011-2640", "CVE-2011-3388", "CVE-2011-2621", "CVE-2010-2421", "CVE-2011-4681", "CVE-2010-4579", "CVE-2011-2619", "CVE-2012-1925", "CVE-2011-2609", "CVE-2010-4585", "CVE-2010-0653", "CVE-2011-2630", "CVE-2011-2625", "CVE-2010-2662", "CVE-2010-2659", "CVE-2012-1927", "CVE-2010-2121", "CVE-2011-2613", "CVE-2010-4583", "CVE-2011-2614", "CVE-2012-1928", "CVE-2011-2634", "CVE-2010-3021", "CVE-2010-3020", "CVE-2010-2455", "CVE-2009-2059", "CVE-2010-2576", "CVE-2012-1930", "CVE-2011-2639", "CVE-2012-1926", "CVE-2010-2663", "CVE-2009-3049", "CVE-2011-2620", "CVE-2009-3046", "CVE-2010-2665", "CVE-2011-2611", "CVE-2012-3555", "CVE-2011-2622", "CVE-2010-4581", "CVE-2009-3044", "CVE-2010-4582", "CVE-2009-3013", "CVE-2011-4682", "CVE-2011-2632", "CVE-2011-2617", "CVE-2011-4065", "CVE-2009-3047", "CVE-2010-3019", "CVE-2011-2635", "CVE-2011-2616", "CVE-2011-2615", "CVE-2010-2661", "CVE-2011-0682", "CVE-2010-4586", "CVE-2011-1824", "CVE-2009-2070", "CVE-2009-3831", "CVE-2009-3045", "CVE-2011-0687", "CVE-2012-3561", "CVE-2012-3558", "CVE-2009-4072", "CVE-2009-3048", "CVE-2011-2627", "CVE-2011-2610", "CVE-2010-1993", "CVE-2010-2664", "CVE-2011-0686", "CVE-2011-1337", "CVE-2011-2631", "CVE-2011-2629", "CVE-2011-4683", "CVE-2011-0683", "CVE-2011-2628", "CVE-2010-4584", "CVE-2009-2063", "CVE-2011-2612", "CVE-2010-2660", "CVE-2010-1349", "CVE-2009-2067", "CVE-2011-2636", "CVE-2011-2641", "CVE-2011-2638", "CVE-2010-2658", "CVE-2010-4580", "CVE-2012-3560", "CVE-2011-2637", "CVE-2011-0681", "CVE-2012-1931", "CVE-2011-2624", "CVE-2010-1989", "CVE-2011-2633"], "modified": "2017-07-07T00:00:00", "id": "OPENVAS:71547", "href": "http://plugins.openvas.org/nasl.php?oid=71547", "sourceData": "#\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities have been found in Opera, the worst of\n which allow for the execution of arbitrary code.\";\ntag_solution = \"All Opera users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=www-client/opera-12.00.1467'\n \n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20201206-03\nhttp://bugs.gentoo.org/show_bug.cgi?id=264831\nhttp://bugs.gentoo.org/show_bug.cgi?id=283391\nhttp://bugs.gentoo.org/show_bug.cgi?id=290862\nhttp://bugs.gentoo.org/show_bug.cgi?id=293902\nhttp://bugs.gentoo.org/show_bug.cgi?id=294208\nhttp://bugs.gentoo.org/show_bug.cgi?id=294680\nhttp://bugs.gentoo.org/show_bug.cgi?id=308069\nhttp://bugs.gentoo.org/show_bug.cgi?id=324189\nhttp://bugs.gentoo.org/show_bug.cgi?id=325199\nhttp://bugs.gentoo.org/show_bug.cgi?id=326413\nhttp://bugs.gentoo.org/show_bug.cgi?id=332449\nhttp://bugs.gentoo.org/show_bug.cgi?id=348874\nhttp://bugs.gentoo.org/show_bug.cgi?id=352750\nhttp://bugs.gentoo.org/show_bug.cgi?id=367837\nhttp://bugs.gentoo.org/show_bug.cgi?id=373289\nhttp://bugs.gentoo.org/show_bug.cgi?id=381275\nhttp://bugs.gentoo.org/show_bug.cgi?id=386217\nhttp://bugs.gentoo.org/show_bug.cgi?id=387137\nhttp://bugs.gentoo.org/show_bug.cgi?id=393395\nhttp://bugs.gentoo.org/show_bug.cgi?id=409857\nhttp://bugs.gentoo.org/show_bug.cgi?id=415379\nhttp://bugs.gentoo.org/show_bug.cgi?id=421075\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 201206-03.\";\n\n \n \nif(description)\n{\n script_id(71547);\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2009-1234\", \"CVE-2009-2059\", \"CVE-2009-2063\", \"CVE-2009-2067\", \"CVE-2009-2070\", \"CVE-2009-3013\", \"CVE-2009-3044\", \"CVE-2009-3045\", \"CVE-2009-3046\", \"CVE-2009-3047\", \"CVE-2009-3048\", \"CVE-2009-3049\", \"CVE-2009-3831\", \"CVE-2009-4071\", \"CVE-2009-4072\", \"CVE-2010-0653\", \"CVE-2010-1349\", \"CVE-2010-1989\", \"CVE-2010-1993\", \"CVE-2010-2121\", \"CVE-2010-2421\", \"CVE-2010-2455\", \"CVE-2010-2576\", \"CVE-2010-2658\", \"CVE-2010-2659\", \"CVE-2010-2660\", \"CVE-2010-2661\", \"CVE-2010-2662\", \"CVE-2010-2663\", \"CVE-2010-2664\", \"CVE-2010-2665\", \"CVE-2010-3019\", \"CVE-2010-3020\", \"CVE-2010-3021\", \"CVE-2010-4579\", \"CVE-2010-4580\", \"CVE-2010-4581\", \"CVE-2010-4582\", \"CVE-2010-4583\", \"CVE-2010-4584\", \"CVE-2010-4585\", \"CVE-2010-4586\", \"CVE-2011-0681\", \"CVE-2011-0682\", \"CVE-2011-0683\", \"CVE-2011-0684\", \"CVE-2011-0685\", \"CVE-2011-0686\", \"CVE-2011-0687\", \"CVE-2011-1337\", \"CVE-2011-1824\", \"CVE-2011-2609\", \"CVE-2011-2610\", \"CVE-2011-2611\", \"CVE-2011-2612\", \"CVE-2011-2613\", \"CVE-2011-2614\", \"CVE-2011-2615\", \"CVE-2011-2616\", \"CVE-2011-2617\", \"CVE-2011-2618\", \"CVE-2011-2619\", \"CVE-2011-2620\", \"CVE-2011-2621\", \"CVE-2011-2622\", \"CVE-2011-2623\", \"CVE-2011-2624\", \"CVE-2011-2625\", \"CVE-2011-2626\", \"CVE-2011-2627\", \"CVE-2011-2628\", \"CVE-2011-2629\", \"CVE-2011-2630\", \"CVE-2011-2631\", \"CVE-2011-2632\", \"CVE-2011-2633\", \"CVE-2011-2634\", \"CVE-2011-2635\", \"CVE-2011-2636\", \"CVE-2011-2637\", \"CVE-2011-2638\", \"CVE-2011-2639\", \"CVE-2011-2640\", \"CVE-2011-2641\", \"CVE-2011-3388\", \"CVE-2011-4065\", \"CVE-2011-4681\", \"CVE-2011-4682\", \"CVE-2011-4683\", \"CVE-2012-1924\", \"CVE-2012-1925\", \"CVE-2012-1926\", \"CVE-2012-1927\", \"CVE-2012-1928\", \"CVE-2012-1930\", \"CVE-2012-1931\", \"CVE-2012-3555\", \"CVE-2012-3556\", \"CVE-2012-3557\", \"CVE-2012-3558\", \"CVE-2012-3560\", \"CVE-2012-3561\");\n script_version(\"$Revision: 6589 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 10:27:50 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-10 03:22:53 -0400 (Fri, 10 Aug 2012)\");\n script_name(\"Gentoo Security Advisory GLSA 201206-03 (Opera)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\nres = \"\";\nreport = \"\";\nif((res = ispkgvuln(pkg:\"www-client/opera\", unaffected: make_list(\"ge 12.00.1467\"), vulnerable: make_list(\"lt 12.00.1467\"))) != NULL ) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2019-05-29T18:38:57", "description": "The remote host is missing updates announced in\nadvisory GLSA 201206-03.", "cvss3": {}, "published": "2012-08-10T00:00:00", "type": "openvas", "title": "Gentoo Security Advisory GLSA 201206-03 (Opera)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2011-2626", "CVE-2011-2623", "CVE-2011-0685", "CVE-2012-3557", "CVE-2011-0684", "CVE-2009-4071", "CVE-2009-1234", "CVE-2012-1924", "CVE-2012-3556", "CVE-2011-2618", "CVE-2011-2640", "CVE-2011-3388", "CVE-2011-2621", "CVE-2010-2421", "CVE-2011-4681", "CVE-2010-4579", "CVE-2011-2619", "CVE-2012-1925", "CVE-2011-2609", "CVE-2010-4585", "CVE-2010-0653", "CVE-2011-2630", "CVE-2011-2625", "CVE-2010-2662", "CVE-2010-2659", "CVE-2012-1927", "CVE-2010-2121", "CVE-2011-2613", "CVE-2010-4583", "CVE-2011-2614", "CVE-2012-1928", "CVE-2011-2634", "CVE-2010-3021", "CVE-2010-3020", "CVE-2010-2455", "CVE-2009-2059", "CVE-2010-2576", "CVE-2012-1930", "CVE-2011-2639", "CVE-2012-1926", "CVE-2010-2663", "CVE-2009-3049", "CVE-2011-2620", "CVE-2009-3046", "CVE-2010-2665", "CVE-2011-2611", "CVE-2012-3555", "CVE-2011-2622", "CVE-2010-4581", "CVE-2009-3044", "CVE-2010-4582", "CVE-2009-3013", "CVE-2011-4682", "CVE-2011-2632", "CVE-2011-2617", "CVE-2011-4065", "CVE-2009-3047", "CVE-2010-3019", "CVE-2011-2635", "CVE-2011-2616", "CVE-2011-2615", "CVE-2010-2661", "CVE-2011-0682", "CVE-2010-4586", "CVE-2011-1824", "CVE-2009-2070", "CVE-2009-3831", "CVE-2009-3045", "CVE-2011-0687", "CVE-2012-3561", "CVE-2012-3558", "CVE-2009-4072", "CVE-2009-3048", "CVE-2011-2627", "CVE-2011-2610", "CVE-2010-1993", "CVE-2010-2664", "CVE-2011-0686", "CVE-2011-1337", "CVE-2011-2631", "CVE-2011-2629", "CVE-2011-4683", "CVE-2011-0683", "CVE-2011-2628", "CVE-2010-4584", "CVE-2009-2063", "CVE-2011-2612", "CVE-2010-2660", "CVE-2010-1349", "CVE-2009-2067", "CVE-2011-2636", "CVE-2011-2641", "CVE-2011-2638", "CVE-2010-2658", "CVE-2010-4580", "CVE-2012-3560", "CVE-2011-2637", "CVE-2011-0681", "CVE-2012-1931", "CVE-2011-2624", "CVE-2010-1989", "CVE-2011-2633"], "modified": "2018-10-12T00:00:00", "id": "OPENVAS:136141256231071547", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231071547", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: glsa_201206_03.nasl 11859 2018-10-12 08:53:01Z cfischer $\n#\n# Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.71547\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_cve_id(\"CVE-2009-1234\", \"CVE-2009-2059\", \"CVE-2009-2063\", \"CVE-2009-2067\", \"CVE-2009-2070\", \"CVE-2009-3013\", \"CVE-2009-3044\", \"CVE-2009-3045\", \"CVE-2009-3046\", \"CVE-2009-3047\", \"CVE-2009-3048\", \"CVE-2009-3049\", \"CVE-2009-3831\", \"CVE-2009-4071\", \"CVE-2009-4072\", \"CVE-2010-0653\", \"CVE-2010-1349\", \"CVE-2010-1989\", \"CVE-2010-1993\", \"CVE-2010-2121\", \"CVE-2010-2421\", \"CVE-2010-2455\", \"CVE-2010-2576\", \"CVE-2010-2658\", \"CVE-2010-2659\", \"CVE-2010-2660\", \"CVE-2010-2661\", \"CVE-2010-2662\", \"CVE-2010-2663\", \"CVE-2010-2664\", \"CVE-2010-2665\", \"CVE-2010-3019\", \"CVE-2010-3020\", \"CVE-2010-3021\", \"CVE-2010-4579\", \"CVE-2010-4580\", \"CVE-2010-4581\", \"CVE-2010-4582\", \"CVE-2010-4583\", \"CVE-2010-4584\", \"CVE-2010-4585\", \"CVE-2010-4586\", \"CVE-2011-0681\", \"CVE-2011-0682\", \"CVE-2011-0683\", \"CVE-2011-0684\", \"CVE-2011-0685\", \"CVE-2011-0686\", \"CVE-2011-0687\", \"CVE-2011-1337\", \"CVE-2011-1824\", \"CVE-2011-2609\", \"CVE-2011-2610\", \"CVE-2011-2611\", \"CVE-2011-2612\", \"CVE-2011-2613\", \"CVE-2011-2614\", \"CVE-2011-2615\", \"CVE-2011-2616\", \"CVE-2011-2617\", \"CVE-2011-2618\", \"CVE-2011-2619\", \"CVE-2011-2620\", \"CVE-2011-2621\", \"CVE-2011-2622\", \"CVE-2011-2623\", \"CVE-2011-2624\", \"CVE-2011-2625\", \"CVE-2011-2626\", \"CVE-2011-2627\", \"CVE-2011-2628\", \"CVE-2011-2629\", \"CVE-2011-2630\", \"CVE-2011-2631\", \"CVE-2011-2632\", \"CVE-2011-2633\", \"CVE-2011-2634\", \"CVE-2011-2635\", \"CVE-2011-2636\", \"CVE-2011-2637\", \"CVE-2011-2638\", \"CVE-2011-2639\", \"CVE-2011-2640\", \"CVE-2011-2641\", \"CVE-2011-3388\", \"CVE-2011-4065\", \"CVE-2011-4681\", \"CVE-2011-4682\", \"CVE-2011-4683\", \"CVE-2012-1924\", \"CVE-2012-1925\", \"CVE-2012-1926\", \"CVE-2012-1927\", \"CVE-2012-1928\", \"CVE-2012-1930\", \"CVE-2012-1931\", \"CVE-2012-3555\", \"CVE-2012-3556\", \"CVE-2012-3557\", \"CVE-2012-3558\", \"CVE-2012-3560\", \"CVE-2012-3561\");\n script_version(\"$Revision: 11859 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-10-12 10:53:01 +0200 (Fri, 12 Oct 2018) $\");\n script_tag(name:\"creation_date\", value:\"2012-08-10 03:22:53 -0400 (Fri, 10 Aug 2012)\");\n script_name(\"Gentoo Security Advisory GLSA 201206-03 (Opera)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities have been found in Opera, the worst of\n which allow for the execution of arbitrary code.\");\n script_tag(name:\"solution\", value:\"All Opera users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=www-client/opera-12.00.1467'\");\n\n script_xref(name:\"URL\", value:\"http://www.securityspace.com/smysecure/catid.html?in=GLSA%20201206-03\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=264831\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=283391\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=290862\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=293902\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=294208\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=294680\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=308069\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=324189\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=325199\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=326413\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=332449\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=348874\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=352750\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=367837\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=373289\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=381275\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=386217\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=387137\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=393395\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=409857\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=415379\");\n script_xref(name:\"URL\", value:\"http://bugs.gentoo.org/show_bug.cgi?id=421075\");\n script_tag(name:\"summary\", value:\"The remote host is missing updates announced in\nadvisory GLSA 201206-03.\");\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"pkg-lib-gentoo.inc\");\ninclude(\"revisions-lib.inc\");\n\nres = \"\";\nreport = \"\";\nif((res = ispkgvuln(pkg:\"www-client/opera\", unaffected: make_list(\"ge 12.00.1467\"), vulnerable: make_list(\"lt 12.00.1467\"))) != NULL ) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99);\n}\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}]}