Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | |||
ID de Prueba: | 1.3.6.1.4.1.25623.1.0.902667 |
Categoría: | General |
Título: | Opera Multiple Vulnerabilities - March12 (MacOSX) |
Resumen: | The host is installed with Opera and is prone to multiple; vulnerabilities. |
Descripción: | Summary: The host is installed with Opera and is prone to multiple vulnerabilities. Vulnerability Insight: Multiple flaws are due to - An error in web page dialogs handling, which displays the wrong address in the address field. - An error in history.state, which leaks the state data from cross domain pages via history.pushState() and history.replaceState() functions. - Fails to ensure that a dialog window is placed on top of content windows, allows attackers to trick users into executing downloads. - A small window for the download dialog. - A timed page reloads and redirects to different domains. - The web page content displayed outside of the intended content area. Vulnerability Impact: Successful exploitation could allow attackers to execute arbitrary code in the context of the browser, inject scripts, bypass certain security restrictions, conduct spoofing attacks, or cause a denial of service condition. Affected Software/OS: Opera version before 11.62 Solution: Upgrade to the Opera version 11.62 or later. CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P |
Referencia Cruzada: |
Common Vulnerability Exposure (CVE) ID: CVE-2012-1924 http://osvdb.org/80620 http://secunia.com/advisories/48535 SuSE Security Announcement: openSUSE-SU-2012:0610 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00012.html XForce ISS Database: opera-dialog-box-code-execution(74349) https://exchange.xforce.ibmcloud.com/vulnerabilities/74349 Common Vulnerability Exposure (CVE) ID: CVE-2012-1925 http://osvdb.org/80621 XForce ISS Database: opera-content-window-code-exec(74503) https://exchange.xforce.ibmcloud.com/vulnerabilities/74503 Common Vulnerability Exposure (CVE) ID: CVE-2012-1926 http://osvdb.org/80622 XForce ISS Database: opera-historypushstate-info-disclosure(74351) https://exchange.xforce.ibmcloud.com/vulnerabilities/74351 Common Vulnerability Exposure (CVE) ID: CVE-2012-1927 http://osvdb.org/80623 XForce ISS Database: opera-address-field-spoofing(74502) https://exchange.xforce.ibmcloud.com/vulnerabilities/74502 Common Vulnerability Exposure (CVE) ID: CVE-2012-1928 http://osvdb.org/80624 XForce ISS Database: opera-redirects-spoofing(74353) https://exchange.xforce.ibmcloud.com/vulnerabilities/74353 Common Vulnerability Exposure (CVE) ID: CVE-2012-1929 XForce ISS Database: opera-dialogs-spoofing(74352) https://exchange.xforce.ibmcloud.com/vulnerabilities/74352 |
Copyright | Copyright (C) 2012 Greenbone Networks GmbH |
Esta es sólo una de 99761 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |