Opera Extended Validation Information Disclosure Vulnerabilities (Linux) Network Vulnerability

Summary

The host is installed with Opera and is prone to information disclosure vulnerabilities.

Impact

Successful exploitation allows remote attackers to steal sensitive security information. Impact Level: Application

Solution

Upgrade to Opera version 11.51 or later, For updates refer to http://www.opera.com/download/

Insight

Multiple flaws are due to an error when loading content from trusted sources in an unspecified sequence that causes the address field and page information dialog to contain security information based on the trusted site and loading an insecure site to appear secure via unspecified actions related to Extended Validation.

Affected

Opera version before 11.51 on Linux

References

http://osvdb.org/74828
http://osvdb.org/show/osvdb/74829
http://secunia.com/advisories/45791
http://www.opera.com/support/kb/view/1000/
http://www.securitytracker.com/id?1025997

Updated on 2015-03-25

Severity

Classification

CVE CVE-2011-3388, CVE-2011-3389

CVSS	Base Score: 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N

Related Vulnerabilities

Apple Safari Multiple Vulnerabilities Dec13 (Mac OS X)
Adobe Flash Media Server Video Stream Capture Security Issue
Apache Traffic Server Remote DNS Cache Poisoning Vulnerability
Brother HL-5370DW Printer 'post/panel.html' Security Bypass Vulnerability
Arora Common Name SSL Certificate Spoofing Vulnerability (Linux)

Take action and discover your vulnerabilities