Summary
The host has the Opera web browser installed and is prone to multiple cross-site scripting (XSS) vulnerabilities.
Impact
A successful remote attack could allow an attacker to inject arbitrary code, launch cross-site attacks, disclose information, and even steal related database (DB) contents.
Impact Level: Application
Solution
Upgrade to Opera 9.61
http://www.opera.com/download/
Insight
The flaws are due to:
- the URLs of visited pages not being properly sanitised by the History Search functionality before being used.
- an error in the implementation of the Fast Forward feature.
- an error while blocking scripts during a news feed preview.
Affected
Opera versions prior to 9.61 on Linux.
Severity
Classification
- CVE: CVE-2008-4696, CVE-2008-4697, CVE-2008-4698, CVE-2008-4725
- CVSS Base Score: 5.8
- CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:N