Opera Information Disclosure And Unspecified Vulnerabilities - (Win) Network Vulnerability

Summary

The host is installed with Opera Web Browser and is prone to Information Disclosure and other unspecified vulnerabilities.

Impact

Successful exploitation will allow remote attackers to launch cross-site scripting attacks or potentially obtain sensitive information and second issue has an unknown, but moderate, impact. Impact Level: Application

Solution

Upgrade to Opera 10.10 http://www.opera.com/download/?custom=yes

Insight

- Opera stores certain scripting error messages in variables which can be read by web sites which can be exploited to execute arbitrary HTML and script code in a user's browser session. - A vulnerability is due to an unspecified error.

Affected

Opera version prior to 10.10 on Windows.

References

http://secunia.com/advisories/37469/
http://www.opera.com/docs/changelogs/windows/1010/

Updated on 2015-03-25

Severity

Classification

CVE CVE-2009-4071, CVE-2009-4072

CVSS	Base Score: 10.0 AV:N/AC:L/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Adobe Acrobat Multiple Unspecified Vulnerabilities - Mac OS X
Adobe Flash Player Code Execution and DoS Vulnerabilities (Linux)
Adobe Acrobat and Reader Multiple Vulnerabilities -July10 (Windows)
Adobe AIR Multiple Vulnerabilities-01 Jan15 (Windows)
3S CoDeSys CmpWebServer Multiple Vulnerabilities

Opera Information Disclosure and Unspecified Vulnerabilities - (Win)

Take action and discover your vulnerabilities