Vulnerabilities > CVE-2011-4684 - Cryptographic Issues vulnerability in Opera Browser
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Opera before 11.60 does not properly handle certificate revocation, which has unspecified impact and remote attack vectors related to "corner cases."
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Common Attack Pattern Enumeration and Classification (CAPEC)
- Signature Spoofing by Key Recreation An attacker obtains an authoritative or reputable signer's private signature key by exploiting a cryptographic weakness in the signature algorithm or pseudorandom number generation and then uses this key to forge signatures from the original signer to mislead a victim into performing actions that benefit the attacker.
Exploit-Db
| description | Opera Web Browser Prior to 11.60 Multiple Denial of Service and Unspecified Vulnerabilitiies. CVE-2011-4684. Dos exploit for windows platform |
| id | EDB-ID:36443 |
| last seen | 2016-02-04 |
| modified | 2011-12-12 |
| published | 2011-12-12 |
| reporter | anonymous |
| source | https://www.exploit-db.com/download/36443/ |
| title | Opera Web Browser Prior to 11.60 - Multiple Denial of Service and Unspecified Vulnerabilitiies |
Nessus
NASL family SuSE Local Security Checks NASL id SUSE_11_3_OPERA-111208.NASL description opera was updated to version 11.60 to fix several security issues last seen 2020-06-01 modified 2020-06-02 plugin id 75699 published 2014-06-13 reporter This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/75699 title openSUSE Security Update : opera (openSUSE-SU-2011:1314-1) NASL family Windows NASL id OPERA_1160.NASL description The version of Opera installed on the remote Windows host is prior to 11.60. It is, therefore, affected by multiple vulnerabilities : - An unspecified error exists that can allow URL spoofing in the address bar. (CVE-2011-4010) - Top level domain separation rules are not honored for two-letter top level domains, e.g., last seen 2020-06-01 modified 2020-06-02 plugin id 57039 published 2011-12-07 reporter This script is Copyright (C) 2011-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/57039 title Opera < 11.60 Multiple Vulnerabilities (BEAST) NASL family SuSE Local Security Checks NASL id SUSE_11_4_OPERA-111208.NASL description opera was updated to version 11.60 to fix several security issues last seen 2020-06-01 modified 2020-06-02 plugin id 75986 published 2014-06-13 reporter This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/75986 title openSUSE Security Update : opera (openSUSE-SU-2011:1314-1) NASL family SuSE Local Security Checks NASL id OPENSUSE-2011-76.NASL description Opera version update to 11.60 last seen 2020-06-01 modified 2020-06-02 plugin id 74533 published 2014-06-13 reporter This script is Copyright (C) 2014-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/74533 title openSUSE Security Update : opera (openSUSE-2011-76)