The host is installed with Opera web browser and is prone to multiple vulnerabilities.

Successful exploitation will let attackers to cause a denial of service or execute arbitrary code. Impact Level: Application

Upgrade to Opera 10.54 or later, For updates refer to http://www.opera.com/download/?os=windows&list=all

The multiple flaws are cause due to: - Fails to restrict certain uses of homograph characters in domain names, which makes it easier for remote attackers to spoof IDN domains. - Fails to properly restrict access to the full pathname of a file selected for upload, which allows attackers to obtain potentially sensitive information. - Cross site scripting (XSS) vulnerability when handling a data: URI. - Fails to properly enforce permission requirements for widget filesystem.

Opera version prior to 10.54 on Windows.

• http://secunia.com/advisories/40250
• http://www.opera.com/docs/changelogs/windows/1054/
• http://www.opera.com/support/kb/view/962/
• http://www.vupen.com/english/advisories/2010/1529

---

Updated on 2015-03-25