Summary
This host is installed with Opera Web Browser and is prone to Cross-Site Scripting vulnerability.
Impact
Successful exploitation will allow attackers to conduct Cross-Site Scripting attacks in the victim's system.
Impact Level: Application
Solution
Upgrade to Opera version 9.64 or later and 10.10 or later.
For updates refer to http://www.opera.com/
Insight
Error occurs when application fails to sanitise the 'javascript:' and 'data:' URIs in Location headers in HTTP responses, which can be exploited via vectors related to injecting a Location header.
Affected
Opera version 9.52 and prior and 10.00 Beta 3 Build 1699 on Windows.
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2009-3013 -
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N
Related Vulnerabilities
- Adobe Flash Player/Air Multiple Vulnerabilities -feb10 (Win)
- Adobe Reader Multiple Vulnerabilities - Aug07 (Mac OS X)
- Adobe Reader Information Disclosure & Code Execution Vulnerabilities (Linux)
- Adobe Reader Privelege Escalation Vulnerability - Jul07 (Mac OS X)
- Apple Safari 'Webkit' Multiple Vulnerabilities-01 Mar14 (Mac OS X)