Vulnerabilities > CVE-2007-4367 - Release of Invalid Pointer or Reference vulnerability in Opera Browser
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Opera before 9.23 allows remote attackers to execute arbitrary code via crafted Javascript that triggers a "virtual function call on an invalid pointer."
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Nessus
NASL family SuSE Local Security Checks NASL id SUSE_OPERA-4172.NASL description This update of opera fixes a security vulnerabilities that allowed the execution of arbitrary code by using JavaScript. (CVE-2007-4367) last seen 2020-06-01 modified 2020-06-02 plugin id 27378 published 2007-10-17 reporter This script is Copyright (C) 2007-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/27378 title openSUSE 10 Security Update : opera (opera-4172) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update opera-4172. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(27378); script_version ("1.12"); script_cvs_date("Date: 2019/10/25 13:36:30"); script_cve_id("CVE-2007-4367"); script_name(english:"openSUSE 10 Security Update : opera (opera-4172)"); script_summary(english:"Check for the opera-4172 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: "This update of opera fixes a security vulnerabilities that allowed the execution of arbitrary code by using JavaScript. (CVE-2007-4367)" ); script_set_attribute(attribute:"solution", value:"Update the affected opera package."); script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C"); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:opera"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:10.1"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:10.2"); script_set_attribute(attribute:"patch_publication_date", value:"2007/08/29"); script_set_attribute(attribute:"plugin_publication_date", value:"2007/10/17"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2007-2019 Tenable Network Security, Inc."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE10\.1|SUSE10\.2)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "10.1 / 10.2", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); ourarch = get_kb_item("Host/cpu"); if (!ourarch) audit(AUDIT_UNKNOWN_ARCH); if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch); flag = 0; if ( rpm_check(release:"SUSE10.1", reference:"opera-9.23-2.2") ) flag++; if ( rpm_check(release:"SUSE10.2", reference:"opera-9.23-3.2") ) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "opera"); }NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-200708-17.NASL description The remote host is affected by the vulnerability described in GLSA-200708-17 (Opera: Multiple vulnerabilities) An error known as last seen 2020-06-01 modified 2020-06-02 plugin id 26040 published 2007-09-14 reporter This script is Copyright (C) 2007-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/26040 title GLSA-200708-17 : Opera: Multiple vulnerabilities NASL family Windows NASL id OPERA_923.NASL description The version of Opera installed on the remote host reportedly allows for execution of arbitrary code via specially crafted JavaScript if a user can be tricked into visiting a malicious site. last seen 2020-06-01 modified 2020-06-02 plugin id 25900 published 2007-08-16 reporter This script is Copyright (C) 2007-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/25900 title Opera < 9.23 Crafted Javascript Arbitrary Code Execution
References
- http://www.opera.com/support/search/view/865/
- http://www.securityfocus.com/bid/25331
- http://secunia.com/advisories/26477
- http://security.gentoo.org/glsa/glsa-200708-17.xml
- http://lists.opensuse.org/opensuse-security-announce/2007-08/msg00006.html
- http://www.securitytracker.com/id?1018572
- http://secunia.com/advisories/26635
- http://secunia.com/advisories/26545
- http://www.vupen.com/english/advisories/2007/2904
- https://exchange.xforce.ibmcloud.com/vulnerabilities/36039