Summary
The host is installed with Opera and is prone to multiple vulnerabilities.
Impact
Successful exploitation could allow attackers to execute arbitrary code in the context of the browser, inject scripts, bypass certain security restrictions, or cause a denial of service condition.
Impact Level: Application
Solution
Upgrade to the Opera version 11.60 or later,
For updates refer to http://www.opera.com/download/
Insight
Multiple flaws are due to
- An improper handling of the number of .(dot) characters that conventionally exist in domain names of different top-level domains.
- An implementation errors in the 'JavaScript' engine, 'Web Workers' and 'in' operator.
- An error when handling certificate revocation related to 'corner cases'.
- An error in Dragonfly in opera.
Affected
Opera version before 11.60
References
Severity
Classification
-
CVE CVE-2011-4681, CVE-2011-4682, CVE-2011-4683, CVE-2011-4684, CVE-2011-4685, CVE-2011-4686, CVE-2011-4687 -
CVSS Base Score: 10.0
AV:N/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Adobe Acrobat Multiple Vulnerabilities-01 Sep14 (Mac OS X)
- Adobe AIR Multiple Vulnerabilities -02 April 13 (Mac OS X)
- Adobe Flash Player 'SWF' File Multiple Code Execution Vulnerability - Mac OS X
- Adobe Flash Player Arbitrary Code Execution Vulnerability - 01 Feb14 (Windows)
- Adobe Air Multiple Vulnerabilities -01 May 13 (Mac OS X)