Lucene search

Kaspersky LabKLA40222

HistoryFeb 22, 2023 - 12:00 a.m.

KLA40222 Multiple vulnerabilities in Opera

2023-02-2200:00:00

Kaspersky Lab

threats.kaspersky.com

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

8.9 High

AI Score

Confidence

High

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

64.3%

JSON

Detect date:

02/22/2023

Severity:

High

Description:

Multiple vulnerabilities were found in Opera. Malicious users can exploit these vulnerabilities to cause denial of service, bypass security restrictions, execute arbitrary code, spoof user interface.

Affected products:

Opera earlier than 96.0.4693.20

Solution:

Update to the latest version
Download Opera

Original advisories:

Opera 96.0.4693.20 Initial Stable
Stable Channel Update for Desktop

Impacts:

ACE

Related products:

Opera

CVE-IDS:

CVE-2023-06976.5High
CVE-2023-07057.5Critical
CVE-2023-06968.8Critical
CVE-2023-07028.8Critical
CVE-2023-07006.5High
CVE-2023-06988.8Critical
CVE-2023-07018.8Critical
CVE-2023-07038.8Critical
CVE-2023-07046.5High
CVE-2023-06998.8Critical

References

blogs.opera.com/desktop/2023/02/opera-96-0-4693-20-stable-initial/

chromereleases.googleblog.com/2023/02/stable-channel-update-for-desktop.html

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0696

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0697

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0698

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0699

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0700

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0701

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0702

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0703

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0704

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0705

statistics.securelist.com/vulnerability-scan/month

threats.kaspersky.com/en/product/Opera/

www.opera.com

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

8.9 High

AI Score

Confidence

High

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.002 Low

EPSS

Percentile

64.3%

JSON