Opera Extended Validation Information Disclosure Vulnerabilities (Linux) Network Vulnerability

Summary

The host is installed with Opera and is prone to information disclosure vulnerabilities.

Impact

Successful exploitation allows remote attackers to steal sensitive security information. Impact Level: Application

Solution

Upgrade to Opera version 11.51 or later, For updates refer to http://www.opera.com/download/

Insight

Multiple flaws are due to an error when loading content from trusted sources in an unspecified sequence that causes the address field and page information dialog to contain security information based on the trusted site and loading an insecure site to appear secure via unspecified actions related to Extended Validation.

Affected

Opera version before 11.51 on Linux

References

http://osvdb.org/74828
http://osvdb.org/show/osvdb/74829
http://secunia.com/advisories/45791
http://www.opera.com/support/kb/view/1000/
http://www.securitytracker.com/id?1025997

Updated on 2015-03-25

Severity

Classification

CVE CVE-2011-3388, CVE-2011-3389

CVSS	Base Score: 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N

Related Vulnerabilities

Adobe Flash Player Multiple Security Bypass Vulnerabilities - 01 Feb14 (Linux)
Apple QuickTime Multiple Arbitrary Code Execution Vulnerabilities (Win)
Adobe Reader Multiple Unspecified Vulnerabilities Jun06 (Mac OS X)
Apache Tomcat Multiple Vulnerabilities - 02 Mar14
Apple Safari 'javascript: URI' XSS Vulnerability - Sep09

Take action and discover your vulnerabilities