Vulnerabilities > CVE-2009-0916 - Multiple Security vulnerability in Opera Web Browser prior to 9.64
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Unspecified vulnerability in Opera before 9.64 has unknown impact and attack vectors, related to a "moderately severe issue."
Vulnerable Configurations
Nessus
NASL family SuSE Local Security Checks NASL id SUSE_11_1_OPERA-090317.NASL description Opera 9.64 is a recommended security and stability upgrade, incorporating the Opera Presto 2.1.1 user agent engine. Opera highly recommends all users to upgrade to Opera 9.64 to take advantage of these improvements (CVE-2009-0914, CVE-2009-0915, CVE-2009-0916). A detailed changelog can be found at http://www.opera.com/docs/changelogs/linux/964/ last seen 2020-06-01 modified 2020-06-02 plugin id 40290 published 2009-07-21 reporter This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/40290 title openSUSE Security Update : opera (opera-629) code #%NASL_MIN_LEVEL 80502 # # (C) Tenable Network Security, Inc. # # The descriptive text and package checks in this plugin were # extracted from openSUSE Security Update opera-629. # # The text description of this plugin is (C) SUSE LLC. # include("compat.inc"); if (description) { script_id(40290); script_version("1.12"); script_cvs_date("Date: 2019/10/25 13:36:35"); script_cve_id("CVE-2009-0914", "CVE-2009-0915", "CVE-2009-0916"); script_name(english:"openSUSE Security Update : opera (opera-629)"); script_summary(english:"Check for the opera-629 patch"); script_set_attribute( attribute:"synopsis", value:"The remote openSUSE host is missing a security update." ); script_set_attribute( attribute:"description", value: "Opera 9.64 is a recommended security and stability upgrade, incorporating the Opera Presto 2.1.1 user agent engine. Opera highly recommends all users to upgrade to Opera 9.64 to take advantage of these improvements (CVE-2009-0914, CVE-2009-0915, CVE-2009-0916). A detailed changelog can be found at http://www.opera.com/docs/changelogs/linux/964/" ); # http://www.opera.com/docs/changelogs/linux/964/ script_set_attribute( attribute:"see_also", value:"https://help.opera.com/en/latest/" ); script_set_attribute( attribute:"see_also", value:"https://bugzilla.novell.com/show_bug.cgi?id=481892" ); script_set_attribute(attribute:"solution", value:"Update the affected opera package."); script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C"); script_cwe_id(399); script_set_attribute(attribute:"plugin_type", value:"local"); script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:opera"); script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:11.1"); script_set_attribute(attribute:"patch_publication_date", value:"2009/03/17"); script_set_attribute(attribute:"plugin_publication_date", value:"2009/07/21"); script_end_attributes(); script_category(ACT_GATHER_INFO); script_copyright(english:"This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof."); script_family(english:"SuSE Local Security Checks"); script_dependencies("ssh_get_info.nasl"); script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list", "Host/cpu"); exit(0); } include("audit.inc"); include("global_settings.inc"); include("rpm.inc"); if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED); release = get_kb_item("Host/SuSE/release"); if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE"); if (release !~ "^(SUSE11\.1)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "11.1", release); if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING); ourarch = get_kb_item("Host/cpu"); if (!ourarch) audit(AUDIT_UNKNOWN_ARCH); if (ourarch !~ "^(i586|i686|x86_64)$") audit(AUDIT_ARCH_NOT, "i586 / i686 / x86_64", ourarch); flag = 0; if ( rpm_check(release:"SUSE11.1", reference:"opera-9.64-1.1.1") ) flag++; if (flag) { if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get()); else security_hole(0); exit(0); } else { tested = pkg_tests_get(); if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested); else audit(AUDIT_PACKAGE_NOT_INSTALLED, "opera"); }NASL family SuSE Local Security Checks NASL id SUSE_OPERA-6094.NASL description Opera 9.64 is a recommended security and stability upgrade, incorporating the Opera Presto 2.1.1 user agent engine. Opera highly recommends all users to upgrade to Opera 9.64 to take advantage of these improvements (CVE-2009-0914, CVE-2009-0915, CVE-2009-0916). A detailed changelog can be found at http://www.opera.com/docs/changelogs/linux/964/ last seen 2020-06-01 modified 2020-06-02 plugin id 35957 published 2009-03-18 reporter This script is Copyright (C) 2009-2019 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/35957 title openSUSE 10 Security Update : opera (opera-6094) NASL family Windows NASL id OPERA_964.NASL description The version of Opera installed on the remote host is earlier than 9.64 and thus reportedly affected by multiple issues : - A memory-corruption vulnerability when processing specially crafted JPEG files could allow an attacker to execute arbitrary code with the privileges of the affected application. (926) - It may be possible for certain plugins to execute arbitrary code in the context of a different domain. An attacker could exploit this to steal authentication credentials as well as carry out other attacks. last seen 2020-06-01 modified 2020-06-02 plugin id 35761 published 2009-03-03 reporter This script is Copyright (C) 2009-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/35761 title Opera < 9.64 Multiple Vulnerabilities NASL family SuSE Local Security Checks NASL id SUSE_11_0_OPERA-090317.NASL description Opera 9.64 is a recommended security and stability upgrade, incorporating the Opera Presto 2.1.1 user agent engine. Opera highly recommends all users to upgrade to Opera 9.64 to take advantage of these improvements (CVE-2009-0914, CVE-2009-0915, CVE-2009-0916). A detailed changelog can be found at http://www.opera.com/docs/changelogs/linux/964/ last seen 2020-06-01 modified 2020-06-02 plugin id 40095 published 2009-07-21 reporter This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/40095 title openSUSE Security Update : opera (opera-629)
References
- http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00004.html
- http://secunia.com/advisories/34135
- http://secunia.com/advisories/34418
- http://www.opera.com/docs/changelogs/freebsd/964/
- http://www.opera.com/docs/changelogs/linux/964/
- http://www.opera.com/docs/changelogs/mac/964/
- http://www.opera.com/docs/changelogs/solaris/964/
- http://www.opera.com/docs/changelogs/windows/964/
- http://www.securityfocus.com/bid/33961
- http://www.vupen.com/english/advisories/2009/0586