CVE-2009-4071 - Configuration vulnerability in Opera Browser

CVSS 5.8 - MEDIUM
Attack vector: NETWORK
Attack complexity: MEDIUM
Privileges required: NONE
Confidentiality impact: PARTIAL
Integrity impact: PARTIAL
Availability impact: NONE
network
opera
CWE-16
nessus

Summary

Opera before 10.10, when exception stacktraces are enabled, places scripting error messages from a web site into variables that can be read by a different web site, which allows remote attackers to obtain sensitive information or conduct cross-site scripting (XSS) attacks via unspecified vectors.

Common Weakness Enumeration (CWE)

Nessus

  • NASL family: FreeBSD Local Security Checks
    NASL id: FREEBSD_PKG_6431C4DBDEB411DE90780030843D3802.NASL
    description: Opera Team reports: - Fixed a heap buffer overflow in string to number conversion - Fixed an issue where error messages could leak onto unrelated sites - Fixed a moderately severe issue, as reported by Chris Evans of the Google Security Team; details will be disclosed at a later date.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 42967
    published: 2009-12-02
    reporter: This script is Copyright (C) 2009-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/42967
    title: FreeBSD : opera -- multiple vulnerabilities (6431c4db-deb4-11de-9078-0030843d3802)
  • NASL family: Gentoo Local Security Checks
    NASL id: GENTOO_GLSA-201206-03.NASL
    description: The remote host is affected by the vulnerability described in GLSA-201206-03 (Opera: Multiple vulnerabilities). Multiple vulnerabilities have been discovered in Opera. Please review the CVE identifiers referenced below for details. Impact: A remote attacker could entice a user to open a specially crafted web page, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition. A remote attacker may be able to: trick users into downloading and executing arbitrary files, bypass intended access restrictions, spoof trusted content, spoof URLs, bypass the Same Origin Policy, obtain sensitive information, force subscriptions to arbitrary feeds, bypass the popup blocker, bypass CSS filtering, conduct cross-site scripting attacks, or have other unknown impact. A local attacker could perform symlink attacks to overwrite arbitrary files with the privileges of the user running the application or possibly obtain sensitive information. A physically proximate attacker may be able to access an email account. Workaround: There is no known workaround at this time.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 59631
    published: 2012-06-21
    reporter: This script is Copyright (C) 2012-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/59631
    title: GLSA-201206-03 : Opera: Multiple vulnerabilities
  • NASL family: Windows
    NASL id: OPERA_1010.NASL
    description: The version of Opera installed on the remote host is earlier than 10.10. Such versions are potentially affected by multiple issues: - Error messages can leak onto unrelated sites which could lead to cross-site scripting attacks. (941) - Passing very long strings through the string to number conversion using JavaScript in Opera may result in heap buffer overflows. (942) - There is an as-yet unspecified moderately severe issue reported by Chris Evans of the Google Security Team.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 42892
    published: 2009-11-25
    reporter: This script is Copyright (C) 2009-2018 Tenable Network Security, Inc.
    source: https://www.tenable.com/plugins/nessus/42892
    title: Opera < 10.10 Multiple Vulnerabilities

Oval

accepted: 2013-12-23T04:01:47.949-05:00
class: vulnerability
contributors:
  • name: Chandan S
    organization: SecPod Technologies
  • name: Josh Turpin
    organization: Symantec Corporation
  • name: Maria Kedovskaya
    organization: ALTX-SOFT
definition_extensions:
  • comment: Opera Browser is installed
    oval: oval:org.mitre.oval:def:6482
description: Opera before 10.10, when exception stacktraces are enabled, places scripting error messages from a web site into variables that can be read by a different web site, which allows remote attackers to obtain sensitive information or conduct cross-site scripting (XSS) attacks via unspecified vectors.
family: windows
id: oval:org.mitre.oval:def:6385
status: accepted
submitted: 2009-11-26T01:37:29.630
title: Opera before 10.10 allows to obtain sensitive information and XSS attacks
version: 9