Summary
The host is installed with Opera browser and is prone to multiple vulnerabilities.
Impact
Successful exploitation will allow remote attackers to execute arbitrary code and cause a denial of service.
Impact Level: System/Application
Solution
Upgrade to Opera Web Browser version 11.10 or later, For updates refer to http://www.opera.com/download/
Insight
The flaws are due to
- An error in cascading Style Sheets (CSS) implementation, allows attackers to cause denial of service via vectors involving use of the hover pseudo class.
- A Hijacking searches and other customisations in Opera.
- An error Tomato Firmware v1.28.1816 Status Device List page in Opera.
- Crashes on futura-sciences.com, seoptimise.com, mitosyfraudes.org.
- Crash occurring with games on zylom.com.
- A Hidden animated '.gif' causing high CPU load, because of constant repaints.
- A crash when passing empty parameter to a Java applet.
Affected
Opera Web Browser version prior 11.10 on Linux
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2011-2634, CVE-2011-2635, CVE-2011-2636, CVE-2011-2637, CVE-2011-2638, CVE-2011-2639, CVE-2011-2640 -
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P
Related Vulnerabilities
- Apple iTunes Tutorials Window Security Bypass Vulnerability (Windows)
- Adobe Reader Information Disclosure & Denial of Service Vulnerabilities (Windows)
- Adobe Reader 'file://' URL Information Disclosure Vulnerability Feb07 (Mac OS X)
- Apple Safari 'SRC' Remote Denial Of Service Vulnerability
- Adobe Reader Plugin Signature Bypass Vulnerability (Windows)