9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.28 Low
EPSS
Percentile
96.9%
The version of Opera installed on the remote host is earlier than 9.60 and thus reportedly affected by several issues :
Specially crafted URLs can cause Opera to crash or allow arbitrary code execution.
Once a Java applet has been cached, a page that can predict the cache path for that applet can load it from cache thereby causing it to run in the security context of the local machine, allowing for reading of other files from the cache.
#
# (C) Tenable Network Security, Inc.
#
include("compat.inc");
if (description)
{
script_id(34368);
script_version("1.14");
script_cve_id("CVE-2008-4694", "CVE-2008-4695");
script_bugtraq_id(31631, 31643);
script_xref(name:"Secunia", value:"32177");
script_name(english:"Opera < 9.60 Multiple Vulnerabilities");
script_summary(english:"Checks version number of Opera");
script_set_attribute(attribute:"synopsis", value:
"The remote host contains a web browser that is affected by several
issues." );
script_set_attribute(attribute:"description", value:
"The version of Opera installed on the remote host is earlier than 9.60
and thus reportedly affected by several issues :
- Specially crafted URLs can cause Opera to crash or allow
arbitrary code execution.
- Once a Java applet has been cached, a page that can
predict the cache path for that applet can load it from
cache thereby causing it to run in the security context
of the local machine, allowing for reading of other
files from the cache." );
script_set_attribute(attribute:"see_also", value:"http://www.opera.com/support/search/view/901/" );
script_set_attribute(attribute:"see_also", value:"http://www.opera.com/support/search/view/902/" );
script_set_attribute(attribute:"see_also", value:"http://web.archive.org/web/20170910110910/http://www.opera.com:80/docs/changelogs/windows/960/" );
script_set_attribute(attribute:"solution", value:
"Upgrade to Opera 9.60 or later." );
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_cwe_id(59, 200);
script_set_attribute(attribute:"plugin_publication_date", value: "2008/10/08");
script_cvs_date("Date: 2018/11/15 20:50:28");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/a:opera:opera_browser");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Windows");
script_copyright(english:"This script is Copyright (C) 2008-2018 Tenable Network Security, Inc.");
script_dependencies("opera_installed.nasl");
script_require_keys("SMB/Opera/Version");
exit(0);
}
include("global_settings.inc");
version_ui = get_kb_item("SMB/Opera/Version_UI");
version = get_kb_item("SMB/Opera/Version");
if (isnull(version)) exit(0);
ver = split(version, sep:'.', keep:FALSE);
for (i=0; i<max_index(ver); i++)
ver[i] = int(ver[i]);
if (
ver[0] < 9 ||
(
ver[0] == 9 &&
(
ver[1] < 60 ||
(ver[1] == 60 && ver[2] < 10447)
)
)
)
{
if (report_verbosity && version_ui)
{
report = string(
"\n",
"Opera ", version_ui, " is currently installed on the remote host.\n"
);
security_hole(port:get_kb_item("SMB/transport"), extra:report);
}
else security_hole(get_kb_item("SMB/transport"));
}
Vendor | Product | Version | CPE |
---|---|---|---|
opera | opera_browser | cpe:/a:opera:opera_browser |