Opera Multiple Vulnerabilities - Nov09 (Win) Network Vulnerability

Summary

This host is installed with Opera Web Browser and is prone to multiple vulnerabilities.

Impact

Attacker can exploit this issue to disclose sensitive information, conduct spoofing attacks, Denial of Service or compromise a user's system. Impact Level: Application

Solution

Upgrade to Opera version 10.01 or later http://www.opera.com/browser/download/

Insight

- An error when processing domain names can be exploited to cause a memory corruption. - An error when processing web fonts can be exploited to change the font of the address field and display an arbitrary domain name as an address.

Affected

Opera version prior to 10.01 on Windows.

References

http://secunia.com/advisories/37182
http://www.opera.com/docs/changelogs/windows/1001
http://www.opera.com/support/kb/view/938/
http://www.vupen.com/english/advisories/2009/3073

Updated on 2015-03-25

Severity

Classification

CVE CVE-2009-3831, CVE-2009-3832

CVSS	Base Score: 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C

Related Vulnerabilities

Adobe Reader/Acrobat JavaScript Method Handling Vulnerability (Linux)
ClamAV get_unicode_name() Off-By-One Heap based BOF Vulnerability
ClamAV 'find_stream_bounds()' PDF File Processing Denial Of Service Vulnerability
Asterisk IAX2 Call Number Exhaustion DOS Vulnerability (Linux)
Adobe Reader '.ETD File' Denial of Service Vulnerability (Windows)

Take action and discover your vulnerabilities