ID OPENVAS:803141 Type openvas Reporter Copyright (c) 2013 Greenbone Networks GmbH Modified 2017-05-12T00:00:00
Description
The host is installed with Opera and is prone to multiple
vulnerabilities.
###############################################################################
# OpenVAS Vulnerability Test
# $Id: gb_opera_mult_vuln02_jan13_win.nasl 6115 2017-05-12 09:03:25Z teissa $
#
# Opera Multiple Vulnerabilities-02 Jan13 (Windows)
#
# Authors:
# Antu Sanadi <santu@secpod.com>
#
# Copyright:
# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################
tag_impact = "Successful exploitation will let the attacker crash the browser leading to
denial of service, execute the arbitrary code or disclose the information.
Impact Level: System/Application";
tag_affected = "Opera version before 12.11 on Windows";
tag_insight = "- An error in handling of error pages, can be used to guess local file paths.
- An error when requesting pages using HTTP, causes a buffer overflow, which
in turn can lead to a memory corruption and crash.";
tag_solution = "Upgrade to Opera version 12.11 or later,
For updates refer to http://www.opera.com/";
tag_summary = "The host is installed with Opera and is prone to multiple
vulnerabilities.";
if(description)
{
script_id(803141);
script_version("$Revision: 6115 $");
script_cve_id("CVE-2012-6468", "CVE-2012-6469");
script_bugtraq_id(56594);
script_tag(name:"cvss_base", value:"9.3");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:C/I:C/A:C");
script_tag(name:"last_modification", value:"$Date: 2017-05-12 11:03:25 +0200 (Fri, 12 May 2017) $");
script_tag(name:"creation_date", value:"2013-01-07 14:59:24 +0530 (Mon, 07 Jan 2013)");
script_name("Opera Multiple Vulnerabilities-02 Jan13 (Windows)");
script_xref(name : "URL" , value : "http://www.opera.com/support/kb/view/1037/");
script_xref(name : "URL" , value : "http://www.opera.com/support/kb/view/1036/");
script_xref(name : "URL" , value : "http://www.opera.com/docs/changelogs/unified/1212/");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (c) 2013 Greenbone Networks GmbH");
script_family("General");
script_dependencies("secpod_opera_detection_win_900036.nasl");
script_require_keys("Opera/Win/Version");
script_tag(name : "impact" , value : tag_impact);
script_tag(name : "affected" , value : tag_affected);
script_tag(name : "insight" , value : tag_insight);
script_tag(name : "solution" , value : tag_solution);
script_tag(name : "summary" , value : tag_summary);
script_tag(name:"qod_type", value:"registry");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
include("version_func.inc");
operaVer = "";
## Get Opera version from KB
operaVer = get_kb_item("Opera/Win/Version");
if(!operaVer){
exit(0);
}
## Check for opera versions prior to 12.11
if(version_is_less(version:operaVer, test_version:"12.11")){
security_message(0);
}
{"id": "OPENVAS:803141", "bulletinFamily": "scanner", "title": "Opera Multiple Vulnerabilities-02 Jan13 (Windows)", "description": "The host is installed with Opera and is prone to multiple\n vulnerabilities.", "published": "2013-01-07T00:00:00", "modified": "2017-05-12T00:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=803141", "reporter": "Copyright (c) 2013 Greenbone Networks GmbH", "references": ["http://www.opera.com/support/kb/view/1037/", "http://www.opera.com/docs/changelogs/unified/1212/", "http://www.opera.com/support/kb/view/1036/"], "cvelist": ["CVE-2012-6468", "CVE-2012-6469"], "type": "openvas", "lastseen": "2017-07-02T21:11:11", "history": [], "edition": 1, "hashmap": [{"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "cvelist", "hash": "2566185fab6e705a0374dd7efe53b5d5"}, {"key": "cvss", "hash": "2076413bdcb42307d016f5286cbae795"}, {"key": "description", "hash": "bb2747f4c94a990a47535ef3d7c8ab74"}, {"key": "href", "hash": "21acef353333229d08d126fdd6429348"}, {"key": "modified", "hash": "ade11bad63e04a74624dd6188ecd3da7"}, {"key": "naslFamily", "hash": "0db377921f4ce762c62526131097968f"}, {"key": "pluginID", "hash": "f8771abd7ad1f75c0c7aedb3d9a44995"}, {"key": "published", "hash": "101b7284092e44eb79b50c654f2b8df1"}, {"key": "references", "hash": "c11f5108dcf5b71a60260ad0df2c3385"}, {"key": "reporter", "hash": "1a99a5f9a50e5bac3b749d8558d5e46b"}, {"key": "sourceData", "hash": "07162a2dec072ffcf05d0b55b3ae2703"}, {"key": "title", "hash": "45a14d8c8cd3438c342d2c35129424bd"}, {"key": "type", "hash": "47c1f692ea47a21f716dad07043ade01"}], "hash": "9db29d09f6a8f57d4d93729d0ad210c05228b5b2042053f25e3457b2967e122d", "viewCount": 0, "enchantments": {"vulnersScore": 7.5}, "objectVersion": "1.3", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_opera_mult_vuln02_jan13_win.nasl 6115 2017-05-12 09:03:25Z teissa $\n#\n# Opera Multiple Vulnerabilities-02 Jan13 (Windows)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation will let the attacker crash the browser leading to\n denial of service, execute the arbitrary code or disclose the information.\n Impact Level: System/Application\";\n\ntag_affected = \"Opera version before 12.11 on Windows\";\ntag_insight = \"- An error in handling of error pages, can be used to guess local file paths.\n - An error when requesting pages using HTTP, causes a buffer overflow, which\n in turn can lead to a memory corruption and crash.\";\ntag_solution = \"Upgrade to Opera version 12.11 or later,\n For updates refer to http://www.opera.com/\";\ntag_summary = \"The host is installed with Opera and is prone to multiple\n vulnerabilities.\";\n\nif(description)\n{\n script_id(803141);\n script_version(\"$Revision: 6115 $\");\n script_cve_id(\"CVE-2012-6468\", \"CVE-2012-6469\");\n script_bugtraq_id(56594);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-05-12 11:03:25 +0200 (Fri, 12 May 2017) $\");\n script_tag(name:\"creation_date\", value:\"2013-01-07 14:59:24 +0530 (Mon, 07 Jan 2013)\");\n script_name(\"Opera Multiple Vulnerabilities-02 Jan13 (Windows)\");\n script_xref(name : \"URL\" , value : \"http://www.opera.com/support/kb/view/1037/\");\n script_xref(name : \"URL\" , value : \"http://www.opera.com/support/kb/view/1036/\");\n script_xref(name : \"URL\" , value : \"http://www.opera.com/docs/changelogs/unified/1212/\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"secpod_opera_detection_win_900036.nasl\");\n script_require_keys(\"Opera/Win/Version\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\n\noperaVer = \"\";\n\n## Get Opera version from KB\noperaVer = get_kb_item(\"Opera/Win/Version\");\nif(!operaVer){\n exit(0);\n}\n\n## Check for opera versions prior to 12.11\nif(version_is_less(version:operaVer, test_version:\"12.11\")){\n security_message(0);\n}\n", "naslFamily": "General", "pluginID": "803141"}
{"result": {"cve": [{"id": "CVE-2012-6468", "type": "cve", "title": "CVE-2012-6468", "description": "Heap-based buffer overflow in Opera before 12.11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a long HTTP response.", "published": "2013-01-02T06:46:22", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-6468", "cvelist": ["CVE-2012-6468"], "lastseen": "2017-11-09T12:22:40"}, {"id": "CVE-2012-6469", "type": "cve", "title": "CVE-2012-6469", "description": "Opera before 12.11 allows remote attackers to determine the existence of arbitrary local files via vectors involving web script in an error page.", "published": "2013-01-02T06:46:23", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-6469", "cvelist": ["CVE-2012-6469"], "lastseen": "2017-11-09T12:22:40"}], "openvas": [{"id": "OPENVAS:803142", "type": "openvas", "title": "Opera Multiple Vulnerabilities-02 Jan13 (Linux)", "description": "The host is installed with Opera and is prone to multiple\n vulnerabilities.", "published": "2013-01-07T00:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=803142", "cvelist": ["CVE-2012-6468", "CVE-2012-6469"], "lastseen": "2017-07-02T21:11:24"}, {"id": "OPENVAS:1361412562310803141", "type": "openvas", "title": "Opera Multiple Vulnerabilities-02 Jan13 (Windows)", "description": "The host is installed with Opera and is prone to multiple\n vulnerabilities.", "published": "2013-01-07T00:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310803141", "cvelist": ["CVE-2012-6468", "CVE-2012-6469"], "lastseen": "2018-04-06T11:22:19"}, {"id": "OPENVAS:1361412562310803142", "type": "openvas", "title": "Opera Multiple Vulnerabilities-02 Jan13 (Linux)", "description": "The host is installed with Opera and is prone to multiple\n vulnerabilities.", "published": "2013-01-07T00:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310803142", "cvelist": ["CVE-2012-6468", "CVE-2012-6469"], "lastseen": "2018-04-06T11:23:49"}, {"id": "OPENVAS:803143", "type": "openvas", "title": "Opera Multiple Vulnerabilities-02 Jan13 (Mac OS X)", "description": "The host is installed with Opera and is prone to multiple\n vulnerabilities.", "published": "2013-01-07T00:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=803143", "cvelist": ["CVE-2012-6468", "CVE-2012-6469"], "lastseen": "2017-07-02T21:11:14"}, {"id": "OPENVAS:1361412562310803143", "type": "openvas", "title": "Opera Multiple Vulnerabilities-02 Jan13 (Mac OS X)", "description": "The host is installed with Opera and is prone to multiple\n vulnerabilities.", "published": "2013-01-07T00:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310803143", "cvelist": ["CVE-2012-6468", "CVE-2012-6469"], "lastseen": "2018-04-06T11:22:39"}, {"id": "OPENVAS:1361412562310121217", "type": "openvas", "title": "Gentoo Linux Local Check: https://security.gentoo.org/glsa/201406-14", "description": "Gentoo Linux Local Security Checks https://security.gentoo.org/glsa/201406-14", "published": "2015-09-29T00:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310121217", "cvelist": ["CVE-2012-6472", "CVE-2013-1638", "CVE-2012-6470", "CVE-2012-6468", "CVE-2012-6469", "CVE-2012-6463", "CVE-2013-1639", "CVE-2012-6471", "CVE-2012-6466", "CVE-2013-1618", "CVE-2012-6462", "CVE-2012-6467", "CVE-2013-1637", "CVE-2012-6461", "CVE-2012-6464", "CVE-2012-6465"], "lastseen": "2018-04-09T11:26:05"}], "nessus": [{"id": "OPERA_1211.NASL", "type": "nessus", "title": "Opera < 12.11 Multiple Vulnerabilities", "description": "The version of Opera installed on the remote host is earlier than 12.11 and is, therefore, reportedly affected by the following vulnerabilities :\n\n - A heap-based buffer overflow error exists related to handling HTTP responses that can lead to application crashes or arbitrary code execution. (1036)\n\n - An issue exists related to the application's error handling that can allow a malicious website to determine the existence of and path to local files. (1037)", "published": "2012-11-21T00:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=62984", "cvelist": ["CVE-2012-6468", "CVE-2012-6469"], "lastseen": "2017-10-29T13:38:28"}, {"id": "GENTOO_GLSA-201406-14.NASL", "type": "nessus", "title": "GLSA-201406-14 : Opera: Multiple vulnerabilities", "description": "The remote host is affected by the vulnerability described in GLSA-201406-14 (Opera: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Opera. Please review the CVE identifiers referenced below for details.\n Impact :\n\n A remote attacker could entice a user to open a specially crafted web page using Opera, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition.\n Furthermore, a remote attacker may be able to obtain sensitive information, conduct Cross-Site Scripting (XSS) attacks, or bypass security restrictions.\n A local attacker may be able to obtain sensitive information.\n Workaround :\n\n There is no known workaround at this time.", "published": "2014-06-16T00:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=76065", "cvelist": ["CVE-2012-6472", "CVE-2013-1638", "CVE-2012-6470", "CVE-2012-6468", "CVE-2012-6469", "CVE-2012-6463", "CVE-2013-1639", "CVE-2012-6471", "CVE-2012-6466", "CVE-2013-1618", "CVE-2012-6462", "CVE-2012-6467", "CVE-2013-1637", "CVE-2012-6461", "CVE-2012-6464", "CVE-2012-6465"], "lastseen": "2017-10-29T13:44:08"}], "gentoo": [{"id": "GLSA-201406-14", "type": "gentoo", "title": "Opera: Multiple vulnerabilities", "description": "### Background\n\nOpera is a fast web browser that is available free of charge.\n\n### Description\n\nMultiple vulnerabilities have been discovered in Opera. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA remote attacker could entice a user to open a specially crafted web page using Opera, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition. Furthermore, a remote attacker may be able to obtain sensitive information, conduct Cross-Site Scripting (XSS) attacks, or bypass security restrictions. \n\nA local attacker may be able to obtain sensitive information.\n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Opera users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=www-client/opera-12.13_p1734\"", "published": "2014-06-15T00:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://security.gentoo.org/glsa/201406-14", "cvelist": ["CVE-2012-6472", "CVE-2013-1638", "CVE-2012-6470", "CVE-2012-6468", "CVE-2012-6469", "CVE-2012-6463", "CVE-2013-1639", "CVE-2012-6471", "CVE-2012-6466", "CVE-2013-1618", "CVE-2012-6462", "CVE-2012-6467", "CVE-2013-1637", "CVE-2012-6461", "CVE-2012-6464", "CVE-2012-6465"], "lastseen": "2016-09-06T19:46:00"}]}}