| VID |
28839 |
| Severity |
30 |
| Port |
139,445 |
| Protocol |
TCP |
| Class |
SMB |
| Detailed Description |
A version of Opera web browser which is older than version 11.10 has been installed on the host. Opera is a Web browser, developed by Opera Software, for multiple operating systems. Opera versions prior to 11.10 are vulnerable to multiple vulnerabilities.
- An unspecified vulnerability allows remote attackers to hijack searches and customizations using unspecified third-party applications. (CVE-2011-2634)
- Several errors exist that can cause application crashes. Affected items or functionalities are the handling of the CSS pseudo-class ':hover' if used with transforms on a floated element, unspecified web content, and the handling of an embedded Java applet with empty parameters. (CVE-2011-2635, CVE-2011-2636, CVE-2011-2637, CVE-2011-2638, CVE-2011-2640)
- An error in the handling of hidden animated GIF images can cause a denial of service through CPU consumption as image repaints are triggered. (CVE-2011-2639)
* Note: This check solely relied on the banner of the remote Web server to assess this vulnerability, so this might be a false positive.
* References:
http://www.opera.com/docs/changelogs/windows/1110/
* Platforms Affected:
Opera Software, Opera versions prior to 11.10 |
| Recommendation |
Upgrade to the latest version of Opera (11.10 or later), available from the Opera Web site at http://www.opera.com/download/ |
| Related URL |
CVE-2011-2634,CVE-2011-2635,CVE-2011-2636,CVE-2011-2637,CVE-2011-2638,CVE-2011-2639,CVE-2011-2640 (CVE) |
| Related URL |
48569 (SecurityFocus) |
| Related URL |
(ISS) |
|
