Executive Summary
Summary | |
---|---|
Title | Opera: Multiple vulnerabilities |
Informations | |||
---|---|---|---|
Name | GLSA-200903-30 | First vendor Publication | 2009-03-16 |
Vendor | Gentoo | Last vendor Modification | 2009-03-16 |
Severity (Vendor) | Normal | Revision | N/A |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 9.3 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Synopsis Multiple vulnerabilities were found in Opera, the worst of which allow for the execution of arbitrary code. Background Description * Vitaly McLain reported a heap-based buffer overflow when processing host names in file:// URLs (CVE-2008-5178). * Alexios Fakos reported a vulnerability in the HTML parsing engine when processing web pages that trigger an invalid pointer calculation and heap corruption (CVE-2008-5679). * Red XIII reported that certain text-area contents can be manipulated to cause a buffer overlow (CVE-2008-5680). * David Bloom discovered that unspecified "scripted URLs" are not blocked during the feed preview (CVE-2008-5681). * Robert Swiecki of the Google Security Team reported a Cross-site scripting vulnerability (CVE-2008-5682). * An unspecified vulnerability reveals random data (CVE-2008-5683). * Tavis Ormandy of the Google Security Team reported a vulnerability when processing JPEG images that may corrupt memory (CVE pending). Impact Workaround Resolution References Availability http://security.gentoo.org/glsa/glsa-200903-30.xml |
Original Source
Url : http://security.gentoo.org/glsa/glsa-200903-30.xml |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
33 % | CWE-399 | Resource Management Errors |
33 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
17 % | CWE-200 | Information Exposure |
17 % | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') (CWE/SANS Top 25) |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:5955 | |||
Oval ID: | oval:org.mitre.oval:def:5955 | ||
Title: | Opera Execution of arbitrary code Vulnerability | ||
Description: | Opera before 9.64 allows remote attackers to execute arbitrary code via a crafted JPEG image that triggers memory corruption. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-0914 | Version: | 7 |
Platform(s): | Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 8.1 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 | Product(s): | Opera Browser |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:6230 | |||
Oval ID: | oval:org.mitre.oval:def:6230 | ||
Title: | Opera Unspecified Vulnerability | ||
Description: | Opera before 9.64 allows remote attackers to execute arbitrary code via a crafted JPEG image that triggers memory corruption. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2009-0914 | Version: | 3 |
Platform(s): | Microsoft Windows XP Microsoft Windows Vista | Product(s): | Opera Browser |
Definition Synopsis: | |||
CPE : Common Platform Enumeration
SAINT Exploits
Description | Link |
---|---|
Opera file URI buffer overflow | More info here |
OpenVAS Exploits
Date | Description |
---|---|
2009-03-31 | Name : SuSE Security Summary SUSE-SR:2009:007 File : nvt/suse_sr_2009_007.nasl |
2009-03-20 | Name : FreeBSD Ports: opera, linux-opera File : nvt/freebsd_opera16.nasl |
2009-03-20 | Name : Gentoo Security Advisory GLSA 200903-30 (opera) File : nvt/glsa_200903_30.nasl |
2009-03-20 | Name : Opera Web Browser Multiple Vulnerabilities (Linux) File : nvt/secpod_opera_mult_vuln_mar09_lin.nasl |
2009-03-20 | Name : Opera Web Browser Multiple Vulnerabilities (Win) File : nvt/secpod_opera_mult_vuln_mar09_win.nasl |
2008-12-26 | Name : Opera Web Browser Multiple Vulnerabilities - Dec08 (Linux) File : nvt/secpod_opera_mult_vuln_dec08_lin.nasl |
2008-12-26 | Name : Opera Web Browser Multiple Vulnerabilities - Dec08 (Win) File : nvt/secpod_opera_mult_vuln_dec08_win.nasl |
2008-12-23 | Name : FreeBSD Ports: opera, linux-opera File : nvt/freebsd_opera15.nasl |
2008-11-21 | Name : Opera Web Browser Heap Based Buffer Overflow Vulnerability (Win) File : nvt/gb_opera_file_heap_bof_vuln_win.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
52645 | Opera JPEG File Handling Unspecified Arbitrary Code Execution |
51481 | Opera Feed Preview Subscription URL Manipulation / Disclosure |
51047 | Opera Unspecified Random Information Disclosure |
50954 | Opera HTML Parsing Engine Crafted Web Page Arbitrary Code Execution |
50953 | Opera file:// URL Host Name Handling Overflow A remote buffer overflow exists in Opera web browser. Opera incorrectly parses file:// URLs, resulting in a possible buffer overflow. With a specially crafted request, an attacker can cause remote code execution resulting in a loss of confidentiality and/or availability. |
50952 | Opera Crafted Text Area Handling Remote Overflow |
50951 | Opera Built-in XSLT Templates XSS |
49882 | Opera on Windows file:// URI Handling Overflow |
Snort® IPS/IDS
Date | Description |
---|---|
2014-01-10 | Opera file URI handling buffer overflow RuleID : 18597 - Revision : 9 - Type : BROWSER-OTHER |
2014-01-10 | Opera file URI handling buffer overflow RuleID : 17725 - Revision : 11 - Type : BROWSER-OTHER |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_opera-090317.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_opera-090317.nasl - Type : ACT_GATHER_INFO |
2009-03-18 | Name : The remote openSUSE host is missing a security update. File : suse_opera-6094.nasl - Type : ACT_GATHER_INFO |
2009-03-17 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200903-30.nasl - Type : ACT_GATHER_INFO |
2009-03-16 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_8c5205b411a011dea9640030843d3802.nasl - Type : ACT_GATHER_INFO |
2009-03-03 | Name : The remote host contains a web browser that is affected by multiple issues. File : opera_964.nasl - Type : ACT_GATHER_INFO |
2008-12-21 | Name : The remote FreeBSD host is missing one or more security-related updates. File : freebsd_pkg_225bc349ce1011dda7210030843d3802.nasl - Type : ACT_GATHER_INFO |
2008-12-16 | Name : The remote host contains a web browser that is affected by several issues. File : opera_963.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:36:24 |
|