Opera Extended Validation Information Disclosure Vulnerabilities on Linux. Multiple flaws due to error in loading content from trusted sources causing security information disclosure. Upgrade to Opera version 11.51 or later
Reporter | Title | Published | Views | Family All 199 |
---|---|---|---|---|
OpenVAS | Opera Extended Validation Information Disclosure Vulnerabilities (Linux) | 6 Apr 201200:00 | – | openvas |
OpenVAS | Opera Extended Validation Information Disclosure Vulnerabilities - Windows | 9 Sep 201100:00 | – | openvas |
OpenVAS | Opera Extended Validation Information Disclosure Vulnerabilities (Windows) | 9 Sep 201100:00 | – | openvas |
OpenVAS | Opera Extended Validation Information Disclosure Vulnerabilities - Mac OS X | 9 Sep 201100:00 | – | openvas |
OpenVAS | Opera Extended Validation Information Disclosure Vulnerabilities (Mac OS X) | 9 Sep 201100:00 | – | openvas |
OpenVAS | Fedora Update for nss FEDORA-2011-17400 | 19 Mar 201200:00 | – | openvas |
OpenVAS | Fedora Update for gnome-python2-extras FEDORA-2011-17399 | 23 Jan 201200:00 | – | openvas |
OpenVAS | Fedora Update for nss-softokn FEDORA-2011-17399 | 23 Jan 201200:00 | – | openvas |
OpenVAS | Fedora Update for firefox FEDORA-2011-17400 | 2 Apr 201200:00 | – | openvas |
OpenVAS | Fedora Update for nss-util FEDORA-2011-17399 | 23 Jan 201200:00 | – | openvas |
Source | Link |
---|---|
secunia | www.secunia.com/advisories/45791 |
opera | www.opera.com/support/kb/view/1000/ |
securitytracker | www.securitytracker.com/id |
securityfocus | www.securityfocus.com/bid/49388 |
# SPDX-FileCopyrightText: 2012 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.802830");
script_version("2024-02-15T05:05:40+0000");
script_cve_id("CVE-2011-3388", "CVE-2011-3389");
script_tag(name:"cvss_base", value:"4.3");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:P/I:N/A:N");
script_tag(name:"last_modification", value:"2024-02-15 05:05:40 +0000 (Thu, 15 Feb 2024)");
script_tag(name:"creation_date", value:"2012-04-06 12:13:30 +0530 (Fri, 06 Apr 2012)");
script_name("Opera Extended Validation Information Disclosure Vulnerabilities - Linux");
script_xref(name:"URL", value:"http://secunia.com/advisories/45791");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/49388");
script_xref(name:"URL", value:"http://www.securitytracker.com/id?1025997");
script_xref(name:"URL", value:"http://www.opera.com/support/kb/view/1000/");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2012 Greenbone AG");
script_family("General");
script_dependencies("secpod_opera_detection_linux_900037.nasl");
script_mandatory_keys("Opera/Linux/Version");
script_tag(name:"impact", value:"Successful exploitation allows remote attackers to steal sensitive security
information.");
script_tag(name:"affected", value:"Opera version before 11.51 on Linux");
script_tag(name:"insight", value:"Multiple flaws are due to an error when loading content from trusted
sources in an unspecified sequence that causes the address field and page
information dialog to contain security information based on the trusted site
and loading an insecure site to appear secure via unspecified actions related
to Extended Validation.");
script_tag(name:"solution", value:"Upgrade to Opera version 11.51 or later.");
script_tag(name:"summary", value:"Opera is prone to information disclosure vulnerabilities.");
script_tag(name:"qod_type", value:"executable_version");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
include("version_func.inc");
operaVer = get_kb_item("Opera/Linux/Version");
if(!operaVer){
exit(0);
}
if(version_is_less(version:operaVer, test_version:"11.51")){
report = report_fixed_ver(installed_version:operaVer, fixed_version:"11.51");
security_message(port:0, data:report);
}
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo