Korean
<< Back
VID 28701
Severity 40
Port 139,445
Protocol TCP
Class SMB
Detailed Description A version of Opera web browser which is older than version 9.21 has been installed on the host. Opera is a Web browser, developed by Opera Software, for multiple operating systems. Opera versions prior to 9.21 are vulnerable to a buffer overflow attack. The vulnerability is caused due to an error in the handling of torrent files and can be exploited to cause a buffer overflow when a user right-clicks a malicious torrent entry in the transfer manager. A remote attacker could exploit this vulnerability to execute arbitrary code subject to the privileges of the user.

* Note: This check requires an account with administrative privileges which can log into the host to scan. Absence of these condition will result in the check not being performed and a False Negative for all vulnerable hosts.

* References:
http://www.opera.com/support/search/view/860/
http://secunia.com/advisories/25278/

* Platforms Affected:
Opera Software, Opera versions prior to 9.21
Any operating system Any version
Recommendation Upgrade to the latest version of Opera (9.21 or later), available from the Opera Web site at http://www.opera.com/download/
Related URL CVE-2007-2809 (CVE)
Related URL 24080 (SecurityFocus)
Related URL (ISS)