Opera Information Disclosure And Unspecified Vulnerabilities - (Win) Network Vulnerability

Summary

The host is installed with Opera Web Browser and is prone to Information Disclosure and other unspecified vulnerabilities.

Impact

Successful exploitation will allow remote attackers to launch cross-site scripting attacks or potentially obtain sensitive information and second issue has an unknown, but moderate, impact. Impact Level: Application

Solution

Upgrade to Opera 10.10 http://www.opera.com/download/?custom=yes

Insight

- Opera stores certain scripting error messages in variables which can be read by web sites which can be exploited to execute arbitrary HTML and script code in a user's browser session. - A vulnerability is due to an unspecified error.

Affected

Opera version prior to 10.10 on Windows.

References

http://secunia.com/advisories/37469/
http://www.opera.com/docs/changelogs/windows/1010/

Updated on 2015-03-25

Severity

Classification

CVE CVE-2009-4071, CVE-2009-4072

CVSS	Base Score: 10.0 AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Adobe Flash Player Buffer Overflow Vulnerability - Apr14 (Mac OS X)
Adobe Air Code Execution and DoS Vulnerabilities (MAC OS X)
Adobe Acrobat and Reader PDF Handling Code Execution Vulnerability (Linux)
Adobe AIR Multiple Vulnerabilities -01 April 13 (Windows)
Adobe AIR Code Execution and DoS Vulnerabilities Nov13 (Windows)

Opera Information Disclosure and Unspecified Vulnerabilities - (Win)

Take action and discover your vulnerabilities