Summary
This host is installed with Opera Web Browser and is prone to Cross-Site Scripting vulnerability.
Impact
Successful exploitation will allow attackers to conduct Cross-Site Scripting attacks in the victim's system.
Impact Level: Application
Solution
Upgrade to Opera version 9.64 or later and 10.10 or later.
For updates refer to http://www.opera.com/
Insight
Error occurs when application fails to sanitise the 'javascript:' and 'data:' URIs in Location headers in HTTP responses, which can be exploited via vectors related to injecting a Location header.
Affected
Opera version 9.52 and prior and 10.00 Beta 3 Build 1699 on Linux.
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2009-3013 -
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N
Related Vulnerabilities
- Adobe Flash Media Server Video Stream Capture Security Issue
- Adobe Reader Old Plugin Signature Bypass Vulnerability (Windows)
- Apple Mac OS X Denial of Service Vulnerability
- Adobe Reader 'file://' URL Information Disclosure Vulnerability Feb07 (Windows)
- Apple iTunes Tutorials Window Security Bypass Vulnerability (Windows)