| VID |
28688 |
| Severity |
40 |
| Port |
139,445 |
| Protocol |
TCP |
| Class |
SMB |
| Detailed Description |
A version of Opera web browser which is older than version 9.02 has been installed on the host. Opera is a Web browser, developed by Opera Software, for multiple operating systems. Opera versions prior to 9.02 are vulnerable to a heap-based buffer overflow vulnerability when parsing a long URL in a tag (long link address), which could be exploited by remote attackers to execute arbitrary commands via a specially crafted web page. A remote attacker could construct a hostile Web site containing an overly long URL in a tag, which would be executed in the victim's Web browser within the security context of the hosting site, once the malicious link is clicked.
* Note: This check requires an account with administrative privileges which can log into the host to scan. Absence of these condition will result in the check not being performed and a False Negative for all vulnerable hosts.
* References:
http://www.opera.com/support/search/supsearch.dml?index=848
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=424
http://archives.neohapsis.com/archives/fulldisclosure/2006-10/0347.html
* Platforms Affected:
Opera Software, Opera versions prior to 9.02
Any operating system Any version |
| Recommendation |
Upgrade to the latest version of Opera (9.02 or later), available from the Opera Web site at http://www.opera.com/download/ |
| Related URL |
CVE-2006-4819 (CVE) |
| Related URL |
20591 (SecurityFocus) |
| Related URL |
29632 (ISS) |
|
