| Revision Date: | 2014-03-17 | Version: | 7 |
| Title: | Cross-site scripting (XSS) vulnerability in Opera 9 and 10 |
| Description: | Cross-site scripting (XSS) vulnerability in Opera 9 and 10 allows remote attackers to inject arbitrary web script or HTML via a (1) RSS or (2) Atom feed, related to the rendering of the application/rss+xml content type as "scripted content." NOTE: the vendor reportedly considers this behavior a "design feature," not a vulnerability. |
| Family: | windows | Class: | vulnerability |
| Status: | ACCEPTED | Reference(s): | CVE-2009-3265
|
| Platform(s): | Microsoft Windows 7
Microsoft Windows 8
Microsoft Windows 8.1
Microsoft Windows Server 2003
Microsoft Windows Server 2008
Microsoft Windows Server 2008 R2
Microsoft Windows Server 2012
Microsoft Windows Server 2012 R2
Microsoft Windows Vista
Microsoft Windows XP
| Product(s): | Opera Browser
|
| Definition Synopsis |
| Opera Browser is installed AND Opera.exe version 9.x to 10.0.x
AND Check if HKLM\SOFTWARE\Classes\Applications\Opera.exe\shell\open\command exists
|