| VID |
28681 |
| Severity |
40 |
| Port |
139,445 |
| Protocol |
TCP |
| Class |
SMB |
| Detailed Description |
A version of Opera web browser which is older than version 9.00 has been installed on the host. Opera is a Web browser, developed by Opera Software, for multiple operating systems. Opera versions prior to 9.00 are vulnerable to a buffer overflow vulnerability when processing JPEG images, which could be exploited by remote attackers to execute arbitrary commands via a specially crafted web page. A remote attacker could construct a hostile Web site that contains a malicious script exploiting this vulnerability, which would be executed in the victim's Web browser within the security context of the hosting site, once the malicious link is clicked. In addition, it is reportedly prone to security-bar spoofing, which could be exploited to display the SSL certificate from a trusted site on an untrusted site. This weakness also might be useful in phishing or other attacks that rely on content spoofing.
* Note: This check requires an account with administrative privileges which can log into the host to scan. Absence of these condition will result in the check not being performed and a False Negative for all vulnerable hosts.
* References:
http://www.opera.com/support/search/supsearch.dml?index=834
http://www.securityfocus.com/archive/1/438074/30/0/threaded
http://secunia.com/secunia_research/2006-49/advisory/
* Platforms Affected:
Opera Software, Opera versions prior to 9.00
Any operating system Any version |
| Recommendation |
Upgrade to the latest version of Opera (9.00 or later), available from the Opera Web site at http://www.opera.com/download/ |
| Related URL |
CVE-2006-3198 (CVE) |
| Related URL |
18594,18692 (SecurityFocus) |
| Related URL |
27318 (ISS) |
|
