Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2010-2018 Tenable Network Security, Inc.OPERA_1053.NASL
HistoryApr 30, 2010 - 12:00 a.m.

Opera < 10.53 Asynchronous Content Modification Uninitialized Memory Access

2010-04-3000:00:00
This script is Copyright (C) 2010-2018 Tenable Network Security, Inc.
www.tenable.com
15

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.17 Low

EPSS

Percentile

96.1%

JSON

The version of Opera installed on the remote host is earlier than 10.53. Such versions are potentially affected by the following issue :

  • Multiple asynchronous calls to a script that modifies document contents can be abused to reference an uninitialized value, leading to an application crash or possibly allowing execution of arbitrary code. (953)
#
# (C) Tenable Network Security, Inc.
#

include("compat.inc");

if (description)
{
  script_id(46204);
  script_version("1.12");
  script_cvs_date("Date: 2018/11/15 20:50:27");

  script_cve_id("CVE-2010-1728");
  script_bugtraq_id(39855);
  script_xref(name:"Secunia", value:"39590");

  script_name(english:"Opera < 10.53 Asynchronous Content Modification Uninitialized Memory Access");
  script_summary(english:"Checks version number of Opera");

  script_set_attribute(attribute:"synopsis", value:
"The remote host contains a web browser that may allow code
execution.");
  script_set_attribute(attribute:"description", value:
"The version of Opera installed on the remote host is earlier than
10.53.  Such versions are potentially affected by the following 
issue :

  - Multiple asynchronous calls to a script that modifies 
    document contents can be abused to reference an
    uninitialized value, leading to an application crash
    or possibly allowing execution of arbitrary code. 
    (953)"
  );
  # http://web.archive.org/web/20100504014234/http://h.ackack.net/?p=258
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?d143f98e");
  script_set_attribute(attribute:"see_also", value:"http://web.archive.org/web/20130225211803/http://www.opera.com/support/kb/view/953/");
  script_set_attribute(attribute:"see_also", value:"http://web.archive.org/web/20170829142741/http://www.opera.com/docs/changelogs/windows/1053/");
  script_set_attribute(attribute:"solution", value:"Upgrade to Opera 10.53 or later.");
 script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
 script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
 script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
 script_set_attribute(attribute:"exploit_available", value:"false");
  script_set_attribute(attribute:"vuln_publication_date", value:"2010/04/27");
  script_set_attribute(attribute:"patch_publication_date", value:"2010/04/30");
  script_set_attribute(attribute:"plugin_publication_date", value:"2010/04/30");
  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:opera:opera_browser");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Windows");

  script_copyright(english:"This script is Copyright (C) 2010-2018 Tenable Network Security, Inc.");

  script_dependencies("opera_installed.nasl");
  script_require_keys("SMB/Opera/Version");

  exit(0);
}

include("global_settings.inc");

version_ui = get_kb_item("SMB/Opera/Version_UI");
version = get_kb_item("SMB/Opera/Version");
if (isnull(version)) exit(1, "The 'SMB/Opera/Version' KB item is missing.");

if (isnull(version_ui)) version_report = version;
else version_report = version_ui;

ver = split(version, sep:'.', keep:FALSE);
for (i=0; i<max_index(ver); i++)
  ver[i] = int(ver[i]);

if (
  ver[0] < 10 ||
  (ver[0] == 10 && ver[1] < 53)
)
{
  if (report_verbosity > 0)
  {
    report = '\n' +
      'Opera ' + version_report + ' is currently installed on the remote host.\n';
    security_hole(port:get_kb_item("SMB/transport"), extra:report);
  }
  else security_hole(port:get_kb_item("SMB/transport"));
  exit(0);
}
else exit(0, "The host is not affected since Opera "+version_report+" is installed.");
VendorProductVersionCPE
operaopera_browsercpe:/a:opera:opera_browser

Related

checkpoint_advisories 2
openvas 4
nvd 1
cve 1
cvelist 1
prion 1
checkpoint_advisories
checkpoint_advisories
Update Protection against Opera Browser Document Writing Uninitialized Memory Access
2011-01-31 00:00:00
Opera Browser Document Writing Uninitialized Memory Access (CVE-2010-1728)
2010-06-10 00:00:00
openvas
openvas
Opera Browser 'document.write()' Code execution Vulnerability - Windows
2010-05-13 00:00:00
Opera Browser 'document.write()' Code execution Vulnerability (Windows)
2010-05-13 00:00:00
Apple Safari 'webkit' Denial Of Service Vulnerability
2010-05-13 00:00:00
nvd
nvd
CVE-2010-1728
2010-05-06 14:53:01
cve
cve
CVE-2010-1728
2010-05-06 14:53:01
cvelist
cvelist
CVE-2010-1728
2010-05-05 14:00:00
prion
prion
Code injection
2010-05-06 14:53:00

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.17 Low

EPSS

Percentile

96.1%

JSON
Related for OPERA_1053.NASL
checkpoint_advisories2openvas4nvd1cve1cvelist1prion1