ID OPENVAS:803141 Type openvas Reporter Copyright (c) 2013 Greenbone Networks GmbH Modified 2017-05-12T00:00:00
Description
The host is installed with Opera and is prone to multiple
vulnerabilities.
###############################################################################
# OpenVAS Vulnerability Test
# $Id: gb_opera_mult_vuln02_jan13_win.nasl 6115 2017-05-12 09:03:25Z teissa $
#
# Opera Multiple Vulnerabilities-02 Jan13 (Windows)
#
# Authors:
# Antu Sanadi <santu@secpod.com>
#
# Copyright:
# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################
tag_impact = "Successful exploitation will let the attacker crash the browser leading to
denial of service, execute the arbitrary code or disclose the information.
Impact Level: System/Application";
tag_affected = "Opera version before 12.11 on Windows";
tag_insight = "- An error in handling of error pages, can be used to guess local file paths.
- An error when requesting pages using HTTP, causes a buffer overflow, which
in turn can lead to a memory corruption and crash.";
tag_solution = "Upgrade to Opera version 12.11 or later,
For updates refer to http://www.opera.com/";
tag_summary = "The host is installed with Opera and is prone to multiple
vulnerabilities.";
if(description)
{
script_id(803141);
script_version("$Revision: 6115 $");
script_cve_id("CVE-2012-6468", "CVE-2012-6469");
script_bugtraq_id(56594);
script_tag(name:"cvss_base", value:"9.3");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:C/I:C/A:C");
script_tag(name:"last_modification", value:"$Date: 2017-05-12 11:03:25 +0200 (Fri, 12 May 2017) $");
script_tag(name:"creation_date", value:"2013-01-07 14:59:24 +0530 (Mon, 07 Jan 2013)");
script_name("Opera Multiple Vulnerabilities-02 Jan13 (Windows)");
script_xref(name : "URL" , value : "http://www.opera.com/support/kb/view/1037/");
script_xref(name : "URL" , value : "http://www.opera.com/support/kb/view/1036/");
script_xref(name : "URL" , value : "http://www.opera.com/docs/changelogs/unified/1212/");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (c) 2013 Greenbone Networks GmbH");
script_family("General");
script_dependencies("secpod_opera_detection_win_900036.nasl");
script_require_keys("Opera/Win/Version");
script_tag(name : "impact" , value : tag_impact);
script_tag(name : "affected" , value : tag_affected);
script_tag(name : "insight" , value : tag_insight);
script_tag(name : "solution" , value : tag_solution);
script_tag(name : "summary" , value : tag_summary);
script_tag(name:"qod_type", value:"registry");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
include("version_func.inc");
operaVer = "";
## Get Opera version from KB
operaVer = get_kb_item("Opera/Win/Version");
if(!operaVer){
exit(0);
}
## Check for opera versions prior to 12.11
if(version_is_less(version:operaVer, test_version:"12.11")){
security_message(0);
}
{"bulletinFamily": "scanner", "viewCount": 0, "naslFamily": "General", "reporter": "Copyright (c) 2013 Greenbone Networks GmbH", "references": ["http://www.opera.com/support/kb/view/1037/", "http://www.opera.com/docs/changelogs/unified/1212/", "http://www.opera.com/support/kb/view/1036/"], "description": "The host is installed with Opera and is prone to multiple\n vulnerabilities.", "hashmap": [{"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "cvelist", "hash": "2566185fab6e705a0374dd7efe53b5d5"}, {"key": "cvss", "hash": "2076413bdcb42307d016f5286cbae795"}, {"key": "description", "hash": "bb2747f4c94a990a47535ef3d7c8ab74"}, {"key": "href", "hash": "21acef353333229d08d126fdd6429348"}, {"key": "modified", "hash": "ade11bad63e04a74624dd6188ecd3da7"}, {"key": "naslFamily", "hash": "0db377921f4ce762c62526131097968f"}, {"key": "pluginID", "hash": "f8771abd7ad1f75c0c7aedb3d9a44995"}, {"key": "published", "hash": "101b7284092e44eb79b50c654f2b8df1"}, {"key": "references", "hash": "c11f5108dcf5b71a60260ad0df2c3385"}, {"key": "reporter", "hash": "1a99a5f9a50e5bac3b749d8558d5e46b"}, {"key": "sourceData", "hash": "07162a2dec072ffcf05d0b55b3ae2703"}, {"key": "title", "hash": "45a14d8c8cd3438c342d2c35129424bd"}, {"key": "type", "hash": "47c1f692ea47a21f716dad07043ade01"}], "href": "http://plugins.openvas.org/nasl.php?oid=803141", "modified": "2017-05-12T00:00:00", "objectVersion": "1.3", "enchantments": {"score": {"value": 7.5, "vector": "NONE"}, "vulnersScore": 7.5}, "id": "OPENVAS:803141", "title": "Opera Multiple Vulnerabilities-02 Jan13 (Windows)", "hash": "9db29d09f6a8f57d4d93729d0ad210c05228b5b2042053f25e3457b2967e122d", "edition": 1, "published": "2013-01-07T00:00:00", "type": "openvas", "history": [], "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "cvelist": ["CVE-2012-6468", "CVE-2012-6469"], "lastseen": "2017-07-02T21:11:11", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_opera_mult_vuln02_jan13_win.nasl 6115 2017-05-12 09:03:25Z teissa $\n#\n# Opera Multiple Vulnerabilities-02 Jan13 (Windows)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation will let the attacker crash the browser leading to\n denial of service, execute the arbitrary code or disclose the information.\n Impact Level: System/Application\";\n\ntag_affected = \"Opera version before 12.11 on Windows\";\ntag_insight = \"- An error in handling of error pages, can be used to guess local file paths.\n - An error when requesting pages using HTTP, causes a buffer overflow, which\n in turn can lead to a memory corruption and crash.\";\ntag_solution = \"Upgrade to Opera version 12.11 or later,\n For updates refer to http://www.opera.com/\";\ntag_summary = \"The host is installed with Opera and is prone to multiple\n vulnerabilities.\";\n\nif(description)\n{\n script_id(803141);\n script_version(\"$Revision: 6115 $\");\n script_cve_id(\"CVE-2012-6468\", \"CVE-2012-6469\");\n script_bugtraq_id(56594);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-05-12 11:03:25 +0200 (Fri, 12 May 2017) $\");\n script_tag(name:\"creation_date\", value:\"2013-01-07 14:59:24 +0530 (Mon, 07 Jan 2013)\");\n script_name(\"Opera Multiple Vulnerabilities-02 Jan13 (Windows)\");\n script_xref(name : \"URL\" , value : \"http://www.opera.com/support/kb/view/1037/\");\n script_xref(name : \"URL\" , value : \"http://www.opera.com/support/kb/view/1036/\");\n script_xref(name : \"URL\" , value : \"http://www.opera.com/docs/changelogs/unified/1212/\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"secpod_opera_detection_win_900036.nasl\");\n script_require_keys(\"Opera/Win/Version\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\n\noperaVer = \"\";\n\n## Get Opera version from KB\noperaVer = get_kb_item(\"Opera/Win/Version\");\nif(!operaVer){\n exit(0);\n}\n\n## Check for opera versions prior to 12.11\nif(version_is_less(version:operaVer, test_version:\"12.11\")){\n security_message(0);\n}\n", "pluginID": "803141"}
{"cve": [{"lastseen": "2017-11-09T12:22:40", "references": ["http://www.securityfocus.com/bid/56594", "http://www.opera.com/docs/changelogs/unified/1211/", "http://www.opera.com/support/kb/view/1036/"], "edition": 3, "description": "Heap-based buffer overflow in Opera before 12.11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a long HTTP response.", "reporter": "NVD", "published": "2013-01-02T06:46:22", "title": "CVE-2012-6468", "type": "cve", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2012-6468"], "scanner": [], "cpe": ["cpe:/a:opera:opera_browser:9.61", "cpe:/a:opera:opera_browser:4.00:beta3", "cpe:/a:opera:opera_browser:11.10", "cpe:/a:opera:opera_browser:8.53", "cpe:/a:opera:opera_browser:3.21", "cpe:/a:opera:opera_browser:10.60:beta1", "cpe:/a:opera:opera_browser:7.50:beta1", "cpe:/a:opera:opera_browser:5.0:beta4", "cpe:/a:opera:opera_browser:3.62", "cpe:/a:opera:opera_browser:5.0:beta3", "cpe:/a:opera:opera_browser:5.0:beta2", "cpe:/a:opera:opera_browser:7.21", "cpe:/a:opera:opera_browser:4.00:beta6", "cpe:/a:opera:opera_browser:7.50", "cpe:/a:opera:opera_browser:10.60:alpha", "cpe:/a:opera:opera_browser:12.10", "cpe:/a:opera:opera_browser:5.0:beta7", "cpe:/a:opera:opera_browser:11.50", "cpe:/a:opera:opera_browser:11.65", "cpe:/a:opera:opera_browser:9.27", "cpe:/a:opera:opera_browser:7.03", "cpe:/a:opera:opera_browser:5.11", "cpe:/a:opera:opera_browser:7.54:update1", "cpe:/a:opera:opera_browser:11.00:beta", "cpe:/a:opera:opera_browser:8.0", "cpe:/a:opera:opera_browser:3.62:beta", "cpe:/a:opera:opera_browser:1.00", "cpe:/a:opera:opera_browser:8.54", "cpe:/a:opera:opera_browser:12.00", "cpe:/a:opera:opera_browser:7.51", "cpe:/a:opera:opera_browser:10.61", "cpe:/a:opera:opera_browser:9.64", "cpe:/a:opera:opera_browser:7.22", "cpe:/a:opera:opera_browser:8.50", "cpe:/a:opera:opera_browser:6.06", "cpe:/a:opera:opera_browser:5.0:beta6", "cpe:/a:opera:opera_browser:9.0", "cpe:/a:opera:opera_browser:9.20", "cpe:/a:opera:opera_browser:10.52:beta2", "cpe:/a:opera:opera_browser:10.10", "cpe:/a:opera:opera_browser:5.0:beta5", "cpe:/a:opera:opera_browser:9.60:beta1", "cpe:/a:opera:opera_browser:11.50:beta", "cpe:/a:opera:opera_browser:7.20", "cpe:/a:opera:opera_browser:12.01", "cpe:/a:opera:opera_browser:7.0", "cpe:/a:opera:opera_browser:10.63", "cpe:/a:opera:opera_browser:6.1:beta1", "cpe:/a:opera:opera_browser:3.51", "cpe:/a:opera:opera_browser:7.10:beta1", "cpe:/a:opera:opera_browser:2.00", "cpe:/a:opera:opera_browser:3.50", "cpe:/a:opera:opera_browser:9.26", "cpe:/a:opera:opera_browser:9.50:beta2", "cpe:/a:opera:opera_browser:10.54", "cpe:/a:opera:opera_browser:2.10", "cpe:/a:opera:opera_browser:10.52", "cpe:/a:opera:opera_browser:2.12", "cpe:/a:opera:opera_browser:4.02", "cpe:/a:opera:opera_browser:6.0:tp2", "cpe:/a:opera:opera_browser:10.11", "cpe:/a:opera:opera_browser:9.63", "cpe:/a:opera:opera_browser:4.00:beta4", "cpe:/a:opera:opera_browser:6.11", "cpe:/a:opera:opera_browser:11.60:beta", "cpe:/a:opera:opera_browser:8.0:beta1", "cpe:/a:opera:opera_browser:9.0:beta1", "cpe:/a:opera:opera_browser:10.60", "cpe:/a:opera:opera_browser:9.23", "cpe:/a:opera:opera_browser:11.10:beta", "cpe:/a:opera:opera_browser:12.02", "cpe:/a:opera:opera_browser:4.00:beta5", "cpe:/a:opera:opera_browser:8.02", "cpe:/a:opera:opera_browser:6.02", "cpe:/a:opera:opera_browser:10.50:beta2", "cpe:/a:opera:opera_browser:7.54:update2", "cpe:/a:opera:opera_browser:10.50:beta1", "cpe:/a:opera:opera_browser:5.0:beta8", "cpe:/a:opera:opera_browser:5.02", "cpe:/a:opera:opera_browser:11.51", "cpe:/a:opera:opera_browser:10.52:beta1", "cpe:/a:opera:opera_browser:7.0:beta2", "cpe:/a:opera:opera_browser:10.00", "cpe:/a:opera:opera_browser:6.0:beta1", "cpe:/a:opera:opera_browser:5.0", "cpe:/a:opera:opera_browser:8.51", "cpe:/a:opera:opera_browser:7.0:beta1_v2", "cpe:/a:opera:opera_browser:8.01", "cpe:/a:opera:opera_browser:9.25", "cpe:/a:opera:opera_browser:6.04", "cpe:/a:opera:opera_browser:6.0:beta3", "cpe:/a:opera:opera_browser:9.50", "cpe:/a:opera:opera_browser:4.01", "cpe:/a:opera:opera_browser:12.00:beta", "cpe:/a:opera:opera_browser:2.10:beta1", "cpe:/a:opera:opera_browser:6.0:tp1", "cpe:/a:opera:opera_browser:11.60", "cpe:/a:opera:opera_browser:9.60", "cpe:/a:opera:opera_browser:9.20:beta1", "cpe:/a:opera:opera_browser:10.10:beta1", "cpe:/a:opera:opera_browser:3.00:beta", "cpe:/a:opera:opera_browser:10.00:beta1", "cpe:/a:opera:opera_browser:11.64", "cpe:/a:opera:opera_browser:6.01", "cpe:/a:opera:opera_browser:9.21", "cpe:/a:opera:opera_browser:10.51", "cpe:/a:opera:opera_browser:11.52", "cpe:/a:opera:opera_browser:11.61", "cpe:/a:opera:opera_browser:7.0:beta1", "cpe:/a:opera:opera_browser:6.0:tp3", "cpe:/a:opera:opera_browser:11.62", "cpe:/a:opera:opera_browser:6.03", "cpe:/a:opera:opera_browser:9.50:beta1", "cpe:/a:opera:opera_browser:7.20:beta7", "cpe:/a:opera:opera_browser:3.00", "cpe:/a:opera:opera_browser:9.52", "cpe:/a:opera:opera_browser:10.50", "cpe:/a:opera:opera_browser:9.12", "cpe:/a:opera:opera_browser:9.24", "cpe:/a:opera:opera_browser:2.10:beta3", "cpe:/a:opera:opera_browser:7.52", "cpe:/a:opera:opera_browser:10.20:alpha", "cpe:/a:opera:opera_browser:11.11", "cpe:/a:opera:opera_browser:11.01", "cpe:/a:opera:opera_browser:9.0:beta2", "cpe:/a:opera:opera_browser:7.11:beta2", "cpe:/a:opera:opera_browser:6.0:beta2", "cpe:/a:opera:opera_browser:10.00:beta2", "cpe:/a:opera:opera_browser:7.54", "cpe:/a:opera:opera_browser:7.60", "cpe:/a:opera:opera_browser:9.62", "cpe:/a:opera:opera_browser:6.12", "cpe:/a:opera:opera_browser:9.51", "cpe:/a:opera:opera_browser:6.0", "cpe:/a:opera:opera_browser:10.01", "cpe:/a:opera:opera_browser:8.0:beta2", "cpe:/a:opera:opera_browser:7.10", "cpe:/a:opera:opera_browser:7.53", "cpe:/a:opera:opera_browser:11.52.1100", "cpe:/a:opera:opera_browser:4.00:beta2", "cpe:/a:opera:opera_browser:3.60", "cpe:/a:opera:opera_browser:5.10", "cpe:/a:opera:opera_browser:5.12", "cpe:/a:opera:opera_browser:10.53:b", "cpe:/a:opera:opera_browser:7.01", "cpe:/a:opera:opera_browser:10.00:beta3", "cpe:/a:opera:opera_browser:10.62", "cpe:/a:opera:opera_browser:9.02", "cpe:/a:opera:opera_browser:9.22", "cpe:/a:opera:opera_browser:3.10", "cpe:/a:opera:opera_browser:8.52", "cpe:/a:opera:opera_browser:3.61", "cpe:/a:opera:opera_browser:11.66", "cpe:/a:opera:opera_browser:9.10", "cpe:/a:opera:opera_browser:10.53", "cpe:/a:opera:opera_browser:2.10:beta2", "cpe:/a:opera:opera_browser:9.01", "cpe:/a:opera:opera_browser:11.00", "cpe:/a:opera:opera_browser:10.00:alpha", "cpe:/a:opera:opera_browser:8.0:beta3", "cpe:/a:opera:opera_browser:4.00", "cpe:/a:opera:opera_browser:6.05", "cpe:/a:opera:opera_browser:7.02", "cpe:/a:opera:opera_browser:7.11", "cpe:/a:opera:opera_browser:10.53:beta1", "cpe:/a:opera:opera_browser:7.23", "cpe:/a:opera:opera_browser:12.10:beta"], "modified": "2015-10-08T10:30:29", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-6468", "id": "CVE-2012-6468", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-11-09T12:22:40", "references": ["http://www.securityfocus.com/bid/56594", "http://www.opera.com/support/kb/view/1037/", "http://www.opera.com/docs/changelogs/unified/1211/"], "edition": 3, "description": "Opera before 12.11 allows remote attackers to determine the existence of arbitrary local files via vectors involving web script in an error page.", "reporter": "NVD", "published": "2013-01-02T06:46:23", "title": "CVE-2012-6469", "type": "cve", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2012-6469"], "scanner": [], "cpe": ["cpe:/a:opera:opera_browser:9.61", "cpe:/a:opera:opera_browser:4.00:beta3", "cpe:/a:opera:opera_browser:11.10", "cpe:/a:opera:opera_browser:8.53", "cpe:/a:opera:opera_browser:3.21", "cpe:/a:opera:opera_browser:10.60:beta1", "cpe:/a:opera:opera_browser:7.50:beta1", "cpe:/a:opera:opera_browser:5.0:beta4", "cpe:/a:opera:opera_browser:3.62", "cpe:/a:opera:opera_browser:5.0:beta3", "cpe:/a:opera:opera_browser:5.0:beta2", "cpe:/a:opera:opera_browser:7.21", "cpe:/a:opera:opera_browser:4.00:beta6", "cpe:/a:opera:opera_browser:7.50", "cpe:/a:opera:opera_browser:10.60:alpha", "cpe:/a:opera:opera_browser:12.10", "cpe:/a:opera:opera_browser:5.0:beta7", "cpe:/a:opera:opera_browser:11.50", "cpe:/a:opera:opera_browser:11.65", "cpe:/a:opera:opera_browser:9.27", "cpe:/a:opera:opera_browser:7.03", "cpe:/a:opera:opera_browser:5.11", "cpe:/a:opera:opera_browser:7.54:update1", "cpe:/a:opera:opera_browser:11.00:beta", "cpe:/a:opera:opera_browser:8.0", "cpe:/a:opera:opera_browser:3.62:beta", "cpe:/a:opera:opera_browser:1.00", "cpe:/a:opera:opera_browser:8.54", "cpe:/a:opera:opera_browser:12.00", "cpe:/a:opera:opera_browser:7.51", "cpe:/a:opera:opera_browser:10.61", "cpe:/a:opera:opera_browser:9.64", "cpe:/a:opera:opera_browser:7.22", "cpe:/a:opera:opera_browser:8.50", "cpe:/a:opera:opera_browser:6.06", "cpe:/a:opera:opera_browser:5.0:beta6", "cpe:/a:opera:opera_browser:9.0", "cpe:/a:opera:opera_browser:9.20", "cpe:/a:opera:opera_browser:10.52:beta2", "cpe:/a:opera:opera_browser:10.10", "cpe:/a:opera:opera_browser:5.0:beta5", "cpe:/a:opera:opera_browser:9.60:beta1", "cpe:/a:opera:opera_browser:11.50:beta", "cpe:/a:opera:opera_browser:7.20", "cpe:/a:opera:opera_browser:12.01", "cpe:/a:opera:opera_browser:7.0", "cpe:/a:opera:opera_browser:10.63", "cpe:/a:opera:opera_browser:6.1:beta1", "cpe:/a:opera:opera_browser:3.51", "cpe:/a:opera:opera_browser:7.10:beta1", "cpe:/a:opera:opera_browser:2.00", "cpe:/a:opera:opera_browser:3.50", "cpe:/a:opera:opera_browser:9.26", "cpe:/a:opera:opera_browser:9.50:beta2", "cpe:/a:opera:opera_browser:10.54", "cpe:/a:opera:opera_browser:2.10", "cpe:/a:opera:opera_browser:10.52", "cpe:/a:opera:opera_browser:2.12", "cpe:/a:opera:opera_browser:4.02", "cpe:/a:opera:opera_browser:6.0:tp2", "cpe:/a:opera:opera_browser:10.11", "cpe:/a:opera:opera_browser:9.63", "cpe:/a:opera:opera_browser:4.00:beta4", "cpe:/a:opera:opera_browser:6.11", "cpe:/a:opera:opera_browser:11.60:beta", "cpe:/a:opera:opera_browser:8.0:beta1", "cpe:/a:opera:opera_browser:9.0:beta1", "cpe:/a:opera:opera_browser:10.60", "cpe:/a:opera:opera_browser:9.23", "cpe:/a:opera:opera_browser:11.10:beta", "cpe:/a:opera:opera_browser:12.02", "cpe:/a:opera:opera_browser:4.00:beta5", "cpe:/a:opera:opera_browser:8.02", "cpe:/a:opera:opera_browser:6.02", "cpe:/a:opera:opera_browser:10.50:beta2", "cpe:/a:opera:opera_browser:7.54:update2", "cpe:/a:opera:opera_browser:10.50:beta1", "cpe:/a:opera:opera_browser:5.0:beta8", "cpe:/a:opera:opera_browser:5.02", "cpe:/a:opera:opera_browser:11.51", "cpe:/a:opera:opera_browser:10.52:beta1", "cpe:/a:opera:opera_browser:7.0:beta2", "cpe:/a:opera:opera_browser:10.00", "cpe:/a:opera:opera_browser:6.0:beta1", "cpe:/a:opera:opera_browser:5.0", "cpe:/a:opera:opera_browser:8.51", "cpe:/a:opera:opera_browser:7.0:beta1_v2", "cpe:/a:opera:opera_browser:8.01", "cpe:/a:opera:opera_browser:9.25", "cpe:/a:opera:opera_browser:6.04", "cpe:/a:opera:opera_browser:6.0:beta3", "cpe:/a:opera:opera_browser:9.50", "cpe:/a:opera:opera_browser:4.01", "cpe:/a:opera:opera_browser:12.00:beta", "cpe:/a:opera:opera_browser:2.10:beta1", "cpe:/a:opera:opera_browser:6.0:tp1", "cpe:/a:opera:opera_browser:11.60", "cpe:/a:opera:opera_browser:9.60", "cpe:/a:opera:opera_browser:9.20:beta1", "cpe:/a:opera:opera_browser:10.10:beta1", "cpe:/a:opera:opera_browser:3.00:beta", "cpe:/a:opera:opera_browser:10.00:beta1", "cpe:/a:opera:opera_browser:11.64", "cpe:/a:opera:opera_browser:6.01", "cpe:/a:opera:opera_browser:9.21", "cpe:/a:opera:opera_browser:10.51", "cpe:/a:opera:opera_browser:11.52", "cpe:/a:opera:opera_browser:11.61", "cpe:/a:opera:opera_browser:7.0:beta1", "cpe:/a:opera:opera_browser:6.0:tp3", "cpe:/a:opera:opera_browser:11.62", "cpe:/a:opera:opera_browser:6.03", "cpe:/a:opera:opera_browser:9.50:beta1", "cpe:/a:opera:opera_browser:7.20:beta7", "cpe:/a:opera:opera_browser:3.00", "cpe:/a:opera:opera_browser:9.52", "cpe:/a:opera:opera_browser:10.50", "cpe:/a:opera:opera_browser:9.12", "cpe:/a:opera:opera_browser:9.24", "cpe:/a:opera:opera_browser:2.10:beta3", "cpe:/a:opera:opera_browser:7.52", "cpe:/a:opera:opera_browser:10.20:alpha", "cpe:/a:opera:opera_browser:11.11", "cpe:/a:opera:opera_browser:11.01", "cpe:/a:opera:opera_browser:9.0:beta2", "cpe:/a:opera:opera_browser:7.11:beta2", "cpe:/a:opera:opera_browser:6.0:beta2", "cpe:/a:opera:opera_browser:10.00:beta2", "cpe:/a:opera:opera_browser:7.54", "cpe:/a:opera:opera_browser:7.60", "cpe:/a:opera:opera_browser:9.62", "cpe:/a:opera:opera_browser:6.12", "cpe:/a:opera:opera_browser:9.51", "cpe:/a:opera:opera_browser:6.0", "cpe:/a:opera:opera_browser:10.01", "cpe:/a:opera:opera_browser:8.0:beta2", "cpe:/a:opera:opera_browser:7.10", "cpe:/a:opera:opera_browser:7.53", "cpe:/a:opera:opera_browser:11.52.1100", "cpe:/a:opera:opera_browser:4.00:beta2", "cpe:/a:opera:opera_browser:3.60", "cpe:/a:opera:opera_browser:5.10", "cpe:/a:opera:opera_browser:5.12", "cpe:/a:opera:opera_browser:10.53:b", "cpe:/a:opera:opera_browser:7.01", "cpe:/a:opera:opera_browser:10.00:beta3", "cpe:/a:opera:opera_browser:10.62", "cpe:/a:opera:opera_browser:9.02", "cpe:/a:opera:opera_browser:9.22", "cpe:/a:opera:opera_browser:3.10", "cpe:/a:opera:opera_browser:8.52", "cpe:/a:opera:opera_browser:3.61", "cpe:/a:opera:opera_browser:11.66", "cpe:/a:opera:opera_browser:9.10", "cpe:/a:opera:opera_browser:10.53", "cpe:/a:opera:opera_browser:2.10:beta2", "cpe:/a:opera:opera_browser:9.01", "cpe:/a:opera:opera_browser:11.00", "cpe:/a:opera:opera_browser:10.00:alpha", "cpe:/a:opera:opera_browser:8.0:beta3", "cpe:/a:opera:opera_browser:4.00", "cpe:/a:opera:opera_browser:6.05", "cpe:/a:opera:opera_browser:7.02", "cpe:/a:opera:opera_browser:7.11", "cpe:/a:opera:opera_browser:10.53:beta1", "cpe:/a:opera:opera_browser:7.23", "cpe:/a:opera:opera_browser:12.10:beta"], "modified": "2015-10-08T10:31:00", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-6469", "id": "CVE-2012-6469", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "openvas": [{"lastseen": "2017-07-02T21:11:24", "references": ["http://www.opera.com/support/kb/view/1037/", "http://www.opera.com/docs/changelogs/unified/1212/", "http://www.opera.com/support/kb/view/1036/"], "pluginID": "803142", "description": "The host is installed with Opera and is prone to multiple\n vulnerabilities.", "edition": 1, "reporter": "Copyright (c) 2013 Greenbone Networks GmbH", "published": "2013-01-07T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "title": "Opera Multiple Vulnerabilities-02 Jan13 (Linux)", "type": "openvas", "naslFamily": "General", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-6468", "CVE-2012-6469"], "modified": "2017-05-05T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=803142", "id": "OPENVAS:803142", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_opera_mult_vuln02_jan13_lin.nasl 6074 2017-05-05 09:03:14Z teissa $\n#\n# Opera Multiple Vulnerabilities-02 Jan13 (Linux)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation will let the attacker crash the browser leading to\n denial of service, execute the arbitrary code or disclose the information.\n Impact Level: System/Application\";\n\ntag_affected = \"Opera version before 12.11 on Linux\";\ntag_insight = \"- An error in handling of error pages, can be used to guess local file paths.\n - An error when requesting pages using HTTP, causes a buffer overflow, which\n in turn can lead to a memory corruption and crash.\";\ntag_solution = \"Upgrade to Opera version 12.11 or later,\n For updates refer to http://www.opera.com/\";\ntag_summary = \"The host is installed with Opera and is prone to multiple\n vulnerabilities.\";\n\nif(description)\n{\n script_id(803142);\n script_version(\"$Revision: 6074 $\");\n script_cve_id(\"CVE-2012-6468\", \"CVE-2012-6469\");\n script_bugtraq_id(56594);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-05-05 11:03:14 +0200 (Fri, 05 May 2017) $\");\n script_tag(name:\"creation_date\", value:\"2013-01-07 15:27:43 +0530 (Mon, 07 Jan 2013)\");\n script_name(\"Opera Multiple Vulnerabilities-02 Jan13 (Linux)\");\n script_xref(name : \"URL\" , value : \"http://www.opera.com/support/kb/view/1037/\");\n script_xref(name : \"URL\" , value : \"http://www.opera.com/support/kb/view/1036/\");\n script_xref(name : \"URL\" , value : \"http://www.opera.com/docs/changelogs/unified/1212/\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"secpod_opera_detection_linux_900037.nasl\",\n \"ssh_authorization_init.nasl\");\n script_require_keys(\"Opera/Linux/Version\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\n\noperaVer = \"\";\n\n## Get Opera version from KB\noperaVer = get_kb_item(\"Opera/Linux/Version\");\nif(!operaVer){\n exit(0);\n}\n\n## Check for opera versions prior to 12.11\nif(version_is_less(version:operaVer, test_version:\"12.11\")){\n security_message(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-17T13:39:11", "references": ["http://www.opera.com/support/kb/view/1037/", "http://www.opera.com/docs/changelogs/unified/1212/", "http://www.opera.com/support/kb/view/1036/"], "pluginID": "1361412562310803142", "description": "The host is installed with Opera and is prone to multiple\n vulnerabilities.", "edition": 6, "reporter": "Copyright (c) 2013 Greenbone Networks GmbH", "published": "2013-01-07T00:00:00", "title": "Opera Multiple Vulnerabilities-02 Jan13 (Linux)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "General", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-6468", "CVE-2012-6469"], "modified": "2018-09-15T00:00:00", "id": "OPENVAS:1361412562310803142", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310803142", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_opera_mult_vuln02_jan13_lin.nasl 11401 2018-09-15 08:45:50Z cfischer $\n#\n# Opera Multiple Vulnerabilities-02 Jan13 (Linux)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.803142\");\n script_version(\"$Revision: 11401 $\");\n script_cve_id(\"CVE-2012-6468\", \"CVE-2012-6469\");\n script_bugtraq_id(56594);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-15 10:45:50 +0200 (Sat, 15 Sep 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-01-07 15:27:43 +0530 (Mon, 07 Jan 2013)\");\n script_name(\"Opera Multiple Vulnerabilities-02 Jan13 (Linux)\");\n script_xref(name:\"URL\", value:\"http://www.opera.com/support/kb/view/1037/\");\n script_xref(name:\"URL\", value:\"http://www.opera.com/support/kb/view/1036/\");\n script_xref(name:\"URL\", value:\"http://www.opera.com/docs/changelogs/unified/1212/\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"secpod_opera_detection_linux_900037.nasl\");\n script_mandatory_keys(\"Opera/Linux/Version\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will let the attacker crash the browser leading to\n denial of service, execute the arbitrary code or disclose the information.\");\n\n script_tag(name:\"affected\", value:\"Opera version before 12.11 on Linux\");\n\n script_tag(name:\"insight\", value:\"- An error in handling of error pages, can be used to guess local file paths.\n\n - An error when requesting pages using HTTP, causes a buffer overflow, which\n in turn can lead to a memory corruption and crash.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Opera version 12.11 or later,\n For updates refer to http://www.opera.com/\");\n\n script_tag(name:\"summary\", value:\"The host is installed with Opera and is prone to multiple\n vulnerabilities.\");\n\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\n\noperaVer = get_kb_item(\"Opera/Linux/Version\");\nif(!operaVer){\n exit(0);\n}\n\nif(version_is_less(version:operaVer, test_version:\"12.11\")){\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-17T13:38:22", "references": ["http://www.opera.com/support/kb/view/1037/", "http://www.opera.com/docs/changelogs/unified/1212/", "http://www.opera.com/support/kb/view/1036/"], "pluginID": "1361412562310803141", "description": "The host is installed with Opera and is prone to multiple\n vulnerabilities.", "edition": 7, "reporter": "Copyright (c) 2013 Greenbone Networks GmbH", "published": "2013-01-07T00:00:00", "title": "Opera Multiple Vulnerabilities-02 Jan13 (Windows)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "General", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-6468", "CVE-2012-6469"], "modified": "2018-09-15T00:00:00", "id": "OPENVAS:1361412562310803141", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310803141", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_opera_mult_vuln02_jan13_win.nasl 11401 2018-09-15 08:45:50Z cfischer $\n#\n# Opera Multiple Vulnerabilities-02 Jan13 (Windows)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.803141\");\n script_version(\"$Revision: 11401 $\");\n script_cve_id(\"CVE-2012-6468\", \"CVE-2012-6469\");\n script_bugtraq_id(56594);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-15 10:45:50 +0200 (Sat, 15 Sep 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-01-07 14:59:24 +0530 (Mon, 07 Jan 2013)\");\n script_name(\"Opera Multiple Vulnerabilities-02 Jan13 (Windows)\");\n script_xref(name:\"URL\", value:\"http://www.opera.com/support/kb/view/1037/\");\n script_xref(name:\"URL\", value:\"http://www.opera.com/support/kb/view/1036/\");\n script_xref(name:\"URL\", value:\"http://www.opera.com/docs/changelogs/unified/1212/\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_opera_detect_portable_win.nasl\");\n script_mandatory_keys(\"Opera/Win/Version\");\n script_tag(name:\"impact\", value:\"Successful exploitation will let the attacker crash the browser leading to\n denial of service, execute the arbitrary code or disclose the information.\");\n script_tag(name:\"affected\", value:\"Opera version before 12.11 on Windows\");\n script_tag(name:\"insight\", value:\"- An error in handling of error pages, can be used to guess local file paths.\n\n - An error when requesting pages using HTTP, causes a buffer overflow, which\n in turn can lead to a memory corruption and crash.\");\n script_tag(name:\"solution\", value:\"Upgrade to Opera version 12.11 or later,\n For updates refer to http://www.opera.com/\");\n script_tag(name:\"summary\", value:\"The host is installed with Opera and is prone to multiple\n vulnerabilities.\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\n\noperaVer = get_kb_item(\"Opera/Win/Version\");\nif(!operaVer){\n exit(0);\n}\n\nif(version_is_less(version:operaVer, test_version:\"12.11\")){\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-02T21:11:14", "references": ["http://www.opera.com/support/kb/view/1037/", "http://www.opera.com/docs/changelogs/unified/1212/", "http://www.opera.com/support/kb/view/1036/"], "pluginID": "803143", "description": "The host is installed with Opera and is prone to multiple\n vulnerabilities.", "edition": 1, "reporter": "Copyright (c) 2013 Greenbone Networks GmbH", "published": "2013-01-07T00:00:00", "title": "Opera Multiple Vulnerabilities-02 Jan13 (Mac OS X)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "General", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-6468", "CVE-2012-6469"], "modified": "2017-05-05T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=803143", "id": "OPENVAS:803143", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_opera_mult_vuln02_jan13_macosx.nasl 6074 2017-05-05 09:03:14Z teissa $\n#\n# Opera Multiple Vulnerabilities-02 Jan13 (Mac OS X)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation will let the attacker crash the browser leading to\n denial of service, execute the arbitrary code or disclose the information.\n Impact Level: System/Application\";\n\ntag_affected = \"Opera version before 12.11 on Mac OS X\";\ntag_insight = \"- An error in handling of error pages, can be used to guess local file paths.\n - An error when requesting pages using HTTP, causes a buffer overflow, which\n in turn can lead to a memory corruption and crash.\";\ntag_solution = \"Upgrade to Opera version 12.11 or later,\n For updates refer to http://www.opera.com/\";\ntag_summary = \"The host is installed with Opera and is prone to multiple\n vulnerabilities.\";\n\nif(description)\n{\n script_id(803143);\n script_version(\"$Revision: 6074 $\");\n script_cve_id(\"CVE-2012-6468\", \"CVE-2012-6469\");\n script_bugtraq_id(56594);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-05-05 11:03:14 +0200 (Fri, 05 May 2017) $\");\n script_tag(name:\"creation_date\", value:\"2013-01-07 15:36:59 +0530 (Mon, 07 Jan 2013)\");\n script_name(\"Opera Multiple Vulnerabilities-02 Jan13 (Mac OS X)\");\n script_xref(name : \"URL\" , value : \"http://www.opera.com/support/kb/view/1037/\");\n script_xref(name : \"URL\" , value : \"http://www.opera.com/support/kb/view/1036/\");\n script_xref(name : \"URL\" , value : \"http://www.opera.com/docs/changelogs/unified/1212/\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_opera_detect_macosx.nasl\", \"ssh_authorization_init.nasl\");\n script_require_keys(\"Opera/MacOSX/Version\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\n\noperaVer = \"\";\n\n## Get Opera version from KB\noperaVer = get_kb_item(\"Opera/MacOSX/Version\");\nif(!operaVer){\n exit(0);\n}\n\n## Check for opera versions prior to 12.11\nif(version_is_less(version:operaVer, test_version:\"12.11\")){\n security_message(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-17T13:39:07", "references": ["http://www.opera.com/support/kb/view/1037/", "http://www.opera.com/docs/changelogs/unified/1212/", "http://www.opera.com/support/kb/view/1036/"], "pluginID": "1361412562310803143", "description": "The host is installed with Opera and is prone to multiple\n vulnerabilities.", "edition": 5, "reporter": "Copyright (c) 2013 Greenbone Networks GmbH", "published": "2013-01-07T00:00:00", "title": "Opera Multiple Vulnerabilities-02 Jan13 (Mac OS X)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "General", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-6468", "CVE-2012-6469"], "modified": "2018-09-15T00:00:00", "id": "OPENVAS:1361412562310803143", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310803143", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_opera_mult_vuln02_jan13_macosx.nasl 11401 2018-09-15 08:45:50Z cfischer $\n#\n# Opera Multiple Vulnerabilities-02 Jan13 (Mac OS X)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.803143\");\n script_version(\"$Revision: 11401 $\");\n script_cve_id(\"CVE-2012-6468\", \"CVE-2012-6469\");\n script_bugtraq_id(56594);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-15 10:45:50 +0200 (Sat, 15 Sep 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-01-07 15:36:59 +0530 (Mon, 07 Jan 2013)\");\n script_name(\"Opera Multiple Vulnerabilities-02 Jan13 (Mac OS X)\");\n script_xref(name:\"URL\", value:\"http://www.opera.com/support/kb/view/1037/\");\n script_xref(name:\"URL\", value:\"http://www.opera.com/support/kb/view/1036/\");\n script_xref(name:\"URL\", value:\"http://www.opera.com/docs/changelogs/unified/1212/\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_opera_detect_macosx.nasl\");\n script_mandatory_keys(\"Opera/MacOSX/Version\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will let the attacker crash the browser leading to\n denial of service, execute the arbitrary code or disclose the information.\");\n\n script_tag(name:\"affected\", value:\"Opera version before 12.11 on Mac OS X\");\n\n script_tag(name:\"insight\", value:\"- An error in handling of error pages, can be used to guess local file paths.\n\n - An error when requesting pages using HTTP, causes a buffer overflow, which\n in turn can lead to a memory corruption and crash.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Opera version 12.11 or later,\n For updates refer to http://www.opera.com/\");\n\n script_tag(name:\"summary\", value:\"The host is installed with Opera and is prone to multiple\n vulnerabilities.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\n\noperaVer = get_kb_item(\"Opera/MacOSX/Version\");\nif(!operaVer){\n exit(0);\n}\n\nif(version_is_less(version:operaVer, test_version:\"12.11\")){\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:50:41", "references": ["https://security.gentoo.org/glsa/201406-14"], "pluginID": "1361412562310121217", "description": "Gentoo Linux Local Security Checks https://security.gentoo.org/glsa/201406-14", "edition": 5, "reporter": "Eero Volotinen", "published": "2015-09-29T00:00:00", "title": "Gentoo Linux Local Check: https://security.gentoo.org/glsa/201406-14", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Gentoo Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-6472", "CVE-2013-1638", "CVE-2012-6470", "CVE-2012-6468", "CVE-2012-6469", "CVE-2012-6463", "CVE-2013-1639", "CVE-2012-6471", "CVE-2012-6466", "CVE-2013-1618", "CVE-2012-6462", "CVE-2012-6467", "CVE-2013-1637", "CVE-2012-6461", "CVE-2012-6464", "CVE-2012-6465"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310121217", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310121217", "sourceData": "# OpenVAS Vulnerability Test\n# Description: Gentoo Linux security check\n# $Id: glsa-201406-14.nasl 9374 2018-04-06 08:58:12Z cfischer $\n\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\nif(description)\n {\nscript_oid(\"1.3.6.1.4.1.25623.1.0.121217\");\nscript_version(\"$Revision: 9374 $\");\nscript_tag(name:\"creation_date\", value:\"2015-09-29 11:27:22 +0300 (Tue, 29 Sep 2015)\");\nscript_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:58:12 +0200 (Fri, 06 Apr 2018) $\");\nscript_name(\"Gentoo Linux Local Check: https://security.gentoo.org/glsa/201406-14\");\nscript_tag(name: \"insight\", value: \"Multiple vulnerabilities have been discovered in Opera. Please review the CVE identifiers referenced below for details.\"); \nscript_tag(name : \"solution\", value : \"update software\");\nscript_tag(name : \"solution_type\", value : \"VendorFix\");\nscript_xref(name : \"URL\" , value : \"https://security.gentoo.org/glsa/201406-14\");\nscript_cve_id(\"CVE-2012-6461\",\"CVE-2012-6462\",\"CVE-2012-6463\",\"CVE-2012-6464\",\"CVE-2012-6465\",\"CVE-2012-6466\",\"CVE-2012-6467\",\"CVE-2012-6468\",\"CVE-2012-6469\",\"CVE-2012-6470\",\"CVE-2012-6471\",\"CVE-2012-6472\",\"CVE-2013-1618\",\"CVE-2013-1637\",\"CVE-2013-1638\",\"CVE-2013-1639\");\nscript_tag(name:\"cvss_base\", value:\"9.3\");\nscript_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\nscript_tag(name:\"qod_type\", value:\"package\");\nscript_dependencies(\"gather-package-list.nasl\");\nscript_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\nscript_category(ACT_GATHER_INFO);\nscript_tag(name:\"summary\", value:\"Gentoo Linux Local Security Checks https://security.gentoo.org/glsa/201406-14\");\nscript_copyright(\"Eero Volotinen\");\nscript_family(\"Gentoo Local Security Checks\");\nexit(0);\n}\ninclude(\"revisions-lib.inc\");\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\n\nif((res=ispkgvuln(pkg:\"www-client/opera\", unaffected: make_list(\"ge 12.13_p1734\"), vulnerable: make_list(\"lt 12.13_p1734\"))) != NULL) {\n\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "nessus": [{"lastseen": "2018-09-01T23:47:40", "references": ["http://www.opera.com/support/kb/view/1037/", "http://www.opera.com/docs/changelogs/unified/1211/", "http://www.opera.com/support/kb/view/1036/"], "pluginID": "62984", "description": "The version of Opera installed on the remote host is earlier than 12.11 and is, therefore, reportedly affected by the following vulnerabilities :\n\n - A heap-based buffer overflow error exists related to handling HTTP responses that can lead to application crashes or arbitrary code execution. (1036)\n\n - An issue exists related to the application's error handling that can allow a malicious website to determine the existence of and path to local files. (1037)", "edition": 5, "reporter": "Tenable", "published": "2012-11-21T00:00:00", "title": "Opera < 12.11 Multiple Vulnerabilities", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 7.5}}, "naslFamily": "Windows", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-6468", "CVE-2012-6469"], "modified": "2018-07-16T00:00:00", "cpe": ["cpe:/a:opera:opera_browser"], "id": "OPERA_1211.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=62984", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(62984);\n script_version(\"1.6\");\n script_cvs_date(\"Date: 2018/07/16 14:09:15\");\n\n script_cve_id(\"CVE-2012-6468\", \"CVE-2012-6469\");\n script_bugtraq_id(56594);\n\n script_name(english:\"Opera < 12.11 Multiple Vulnerabilities\");\n script_summary(english:\"Checks version number of Opera\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host contains a web browser that is affected by multiple\nvulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Opera installed on the remote host is earlier than 12.11\nand is, therefore, reportedly affected by the following \nvulnerabilities :\n\n - A heap-based buffer overflow error exists related to\n handling HTTP responses that can lead to application\n crashes or arbitrary code execution. (1036)\n\n - An issue exists related to the application's error\n handling that can allow a malicious website to determine\n the existence of and path to local files. (1037)\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.opera.com/support/kb/view/1036/\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.opera.com/support/kb/view/1037/\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.opera.com/docs/changelogs/unified/1211/\");\n script_set_attribute(attribute:\"solution\", value: \"Upgrade to Opera 12.11 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n \n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/11/20\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/11/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/11/21\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:opera:opera_browser\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"opera_installed.nasl\");\n script_require_keys(\"SMB/Opera/Version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\nversion = get_kb_item_or_exit(\"SMB/Opera/Version\");\npath = get_kb_item_or_exit(\"SMB/Opera/Path\");\n\nversion_ui = get_kb_item(\"SMB/Opera/Version_UI\");\nif (isnull(version_ui)) version_report = version;\nelse version_report = version_ui; \n\nfixed_version = \"12.11.1661.0\";\n\n# Check if we need to display full version info in case of Alpha/Beta/RC\nmajor_minor = eregmatch(string:version, pattern:\"^([0-9]+\\.[0-9]+)\");\nif (major_minor[1] == \"12.11\")\n{\n fixed_version_report = fixed_version;\n version_report = version;\n}\nelse fixed_version_report = \"12.11\";\n\nif (ver_compare(ver:version, fix:fixed_version) == -1)\n{\n port = get_kb_item(\"SMB/transport\");\n\n if (report_verbosity > 0)\n {\n report = \n '\\n Path : ' + path +\n '\\n Installed version : ' + version_report +\n '\\n Fixed version : ' + fixed_version_report +\n '\\n';\n security_hole(port:port, extra:report);\n }\n else security_hole(port);\n exit(0);\n}\nelse audit(AUDIT_INST_PATH_NOT_VULN, \"Opera\", version_report, path);\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-02T00:05:24", "references": ["https://security.gentoo.org/glsa/201406-14"], "pluginID": "76065", "description": "The remote host is affected by the vulnerability described in GLSA-201406-14 (Opera: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Opera. Please review the CVE identifiers referenced below for details.\n Impact :\n\n A remote attacker could entice a user to open a specially crafted web page using Opera, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition.\n Furthermore, a remote attacker may be able to obtain sensitive information, conduct Cross-Site Scripting (XSS) attacks, or bypass security restrictions.\n A local attacker may be able to obtain sensitive information.\n Workaround :\n\n There is no known workaround at this time.", "edition": 4, "reporter": "Tenable", "published": "2014-06-16T00:00:00", "title": "GLSA-201406-14 : Opera: Multiple vulnerabilities", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 6.8}}, "naslFamily": "Gentoo Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-6472", "CVE-2013-1638", "CVE-2012-6470", "CVE-2012-6468", "CVE-2012-6469", "CVE-2012-6463", "CVE-2013-1639", "CVE-2012-6471", "CVE-2012-6466", "CVE-2013-1618", "CVE-2012-6462", "CVE-2012-6467", "CVE-2013-1637", "CVE-2012-6461", "CVE-2012-6464", "CVE-2012-6465"], "modified": "2015-04-13T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:opera", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-201406-14.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=76065", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201406-14.\n#\n# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(76065);\n script_version(\"$Revision: 1.3 $\");\n script_cvs_date(\"$Date: 2015/04/13 14:27:08 $\");\n\n script_cve_id(\"CVE-2012-6461\", \"CVE-2012-6462\", \"CVE-2012-6463\", \"CVE-2012-6464\", \"CVE-2012-6465\", \"CVE-2012-6466\", \"CVE-2012-6467\", \"CVE-2012-6468\", \"CVE-2012-6469\", \"CVE-2012-6470\", \"CVE-2012-6471\", \"CVE-2012-6472\", \"CVE-2013-1618\", \"CVE-2013-1637\", \"CVE-2013-1638\", \"CVE-2013-1639\");\n script_bugtraq_id(56407, 56594, 56788, 56980, 56984, 57120, 57121, 57132, 57633, 57773);\n script_xref(name:\"GLSA\", value:\"201406-14\");\n\n script_name(english:\"GLSA-201406-14 : Opera: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201406-14\n(Opera: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Opera. Please review\n the CVE identifiers referenced below for details.\n \nImpact :\n\n A remote attacker could entice a user to open a specially crafted web\n page using Opera, possibly resulting in execution of arbitrary code with\n the privileges of the process or a Denial of Service condition.\n Furthermore, a remote attacker may be able to obtain sensitive\n information, conduct Cross-Site Scripting (XSS) attacks, or bypass\n security restrictions.\n A local attacker may be able to obtain sensitive information.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201406-14\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Opera users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=www-client/opera-12.13_p1734'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:opera\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/06/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/16\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2015 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"www-client/opera\", unaffected:make_list(\"ge 12.13_p1734\"), vulnerable:make_list(\"lt 12.13_p1734\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Opera\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:00", "references": ["http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6465", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1638", "https://bugs.gentoo.org/show_bug.cgi?id=442044", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1639", "https://bugs.gentoo.org/show_bug.cgi?id=454654", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1618", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6472", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6464", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6469", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1637", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6461", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6463", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6468", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6466", "https://bugs.gentoo.org/show_bug.cgi?id=444040", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6462", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6471", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6470", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6467", "https://bugs.gentoo.org/show_bug.cgi?id=446096"], "affectedPackage": [{"OS": "Gentoo", "OSVersion": "any", "packageVersion": "12.13_p1734", "packageName": "www-client/opera", "packageFilename": "UNKNOWN", "arch": "all", "operator": "lt"}], "description": "### Background\n\nOpera is a fast web browser that is available free of charge.\n\n### Description\n\nMultiple vulnerabilities have been discovered in Opera. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA remote attacker could entice a user to open a specially crafted web page using Opera, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition. Furthermore, a remote attacker may be able to obtain sensitive information, conduct Cross-Site Scripting (XSS) attacks, or bypass security restrictions. \n\nA local attacker may be able to obtain sensitive information.\n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Opera users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=www-client/opera-12.13_p1734\"", "edition": 1, "reporter": "Gentoo Foundation", "published": "2014-06-15T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 6.8}}, "type": "gentoo", "title": "Opera: Multiple vulnerabilities", "bulletinFamily": "unix", "cvelist": ["CVE-2012-6472", "CVE-2013-1638", "CVE-2012-6470", "CVE-2012-6468", "CVE-2012-6469", "CVE-2012-6463", "CVE-2013-1639", "CVE-2012-6471", "CVE-2012-6466", "CVE-2013-1618", "CVE-2012-6462", "CVE-2012-6467", "CVE-2013-1637", "CVE-2012-6461", "CVE-2012-6464", "CVE-2012-6465"], "modified": "2014-06-15T00:00:00", "id": "GLSA-201406-14", "href": "https://security.gentoo.org/glsa/201406-14", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}
