Opera 'XSLT' Information Disclosure Vulnerability - (Win) Network Vulnerability

Summary

The host is installed with Opera Web Browser and is prone to information disclosure vulnerability.

Impact

Successful exploitation will allow remote attackers to obtain sensitive information via a crafted document. Impact Level: Application

Solution

Upgrade to the opera version 10.51 or later, For updates refer to http://www.opera.com/download/?os=windows&list=all

Insight

The flaw is due to an error in handling of 'XSLT' constructs which can cause Opera to retrieve the wrong contents for the resulting document. These contents will appear randomly from the cached versions of any Web page that has previously been visited.

Affected

Opera version 10.50 and on Windows.

References

http://secunia.com/advisories/38820
http://www.opera.com/docs/changelogs/windows/1051/
http://www.opera.com/support/kb/view/949/

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-1310

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:P/I:N/A:N

Related Vulnerabilities

Adobe Flash Player Multiple Security Bypass Vulnerabilities - 01 Feb14 (Windows)
Apple Safari 'Webkit' Information Disclosure Vulnerability (Win)
Adobe Reader Plugin Signature Bypass Vulnerability (Windows)
Apple Mac OS X Denial of Service Vulnerability
Apache Tomcat Multiple Vulnerabilities-01 (Nov14)

Take action and discover your vulnerabilities