Summary
The host is installed with Opera and is prone to multiple vulnerabilities.
Impact
Successful exploitation could allow attackers to execute arbitrary code in the context of the browser, inject scripts, bypass certain security restrictions, or cause a denial of service condition.
Impact Level: Application
Solution
Upgrade to the Opera version 11.60 or later,
For updates refer to http://www.opera.com/download/
Insight
Multiple flwas are due to,
- Improper handling of the number of .(dot) characters that conventionally exist in domain names of different top-level domains.
- Implementation errors in the 'JavaScript' engine, 'Web Workers' and 'in' operator.
- An error when handling certificate revocation related to 'corner cases'.
- An error in Dragonfly in opera.
Affected
Opera version before 11.60 on Linux
References
Severity
Classification
-
CVE CVE-2011-4681, CVE-2011-4682, CVE-2011-4683, CVE-2011-4684, CVE-2011-4685, CVE-2011-4686, CVE-2011-4687 -
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Active Perl Locale::Maketext Module Multiple Code Injection Vulnerabilities (Windows)
- Adobe AIR Multiple Vulnerabilities-01 Jun14 (Mac OS X)
- Adobe Air Multiple Vulnerabilities - November12 (Windows)
- Adobe AIR Security Bypass Vulnerability Jan14 (Windows)
- Adobe Acrobat Multiple Vulnerabilities -01 Jan 13 (Mac OS X)