Kaspersky LabKLA11732KLA11732 Multiple vulnerabilities in Opera
9.6 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.296 Low
EPSS
Percentile
96.8%
Detect date:
06/14/2018
Severity:
Warning
Description:
Multiple vulnerabilities were found in Opera. Malicious users can exploit these vulnerabilities to cause denial of service, obtain sensitive information, bypass security restrictions, perform cross-site scripting attack, spoof user interface, execute arbitrary code.
Exploitation:
Public exploits exist for this vulnerability.
Affected products:
Opera earlier than 54.0.2952.23
Solution:
Update to the latest version
Download Opera
Original advisories:
Changelog for Opera 54
Stable Channel Update for Desktop
Impacts:
ACE
Related products:
CVE-IDS:
CVE-2018-61234.3Warning
CVE-2018-61246.8High
CVE-2018-61266.8High
CVE-2018-61276.8High
CVE-2018-61284.3Warning
CVE-2018-61294.3Warning
CVE-2018-61304.3Warning
CVE-2018-61316.8High
CVE-2018-61324.3Warning
CVE-2018-61334.3Warning
CVE-2018-61344.3Warning
CVE-2018-61354.3Warning
CVE-2018-61364.3Warning
CVE-2018-61374.3Warning
CVE-2018-61385.8High
CVE-2018-61396.8High
CVE-2018-61409.3Critical
CVE-2018-61416.8High
CVE-2018-61424.3Warning
CVE-2018-61434.3Warning
CVE-2018-61446.8High
CVE-2018-61454.3Warning
CVE-2018-61472.1Warning
References
blogs.opera.com/desktop/changelog-for-54/#b2952.23
chromereleases.googleblog.com/2018/05/stable-channel-update-for-desktop_58.html
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6123
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6124
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6126
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6127
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6128
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6129
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6130
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6131
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6132
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6133
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6134
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6135
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6136
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6137
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6138
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6139
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6140
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6141
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6142
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6143
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6144
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6145
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6147
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/product/Opera/
www.opera.com
Related
9.6 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.296 Low
EPSS
Percentile
96.8%