Opera Extended Validation Information Disclosure Vulnerabilities (Windows) Network Vulnerability

Summary

The host is installed with Opera and is prone to information disclosure vulnerability.

Impact

Successful exploitation allows remote attackers to steal sensitive security information. Impact Level: Application

Solution

Upgrade to Opera version 11.51 or later. For updates refer to http://www.opera.com/download/

Insight

Multiple flaws are due to an error when loading content from trusted sources in an unspecified sequence that causes the address field and page information dialog to contain security information based on the trusted site and loading an insecure site to appear secure via unspecified actions related to Extended Validation.

Affected

Opera version before 11.51

References

http://osvdb.org/74828
http://osvdb.org/show/osvdb/74829
http://secunia.com/advisories/45791
http://www.opera.com/support/kb/view/1000/
http://www.securitytracker.com/id?1025997

Updated on 2015-03-25

Severity

Classification

CVE CVE-2011-3388, CVE-2011-3389

CVSS	Base Score: 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N

Related Vulnerabilities

Adobe Flex SDK 'SWF' Files Cross-Site Scripting Vulnerability (Windows)
Adobe Reader Plugin Signature Bypass Vulnerability (Linux)
Apple Safari Multiple Memory Corruption Vulnerabilities-02 Apr14 (Mac OS X)
Apple Safari 'Webkit' Multiple Vulnerabilities-01 Mar14 (Mac OS X)
Apple Safari Secure Cookie Security Bypass Vulnerability (Mac OS X)

Take action and discover your vulnerabilities