3796 matches found
FreeBSD : opera -- multiple vulnerabilities (2eda0c54-34ab-11e0-8103-00215c6a37bb)
Opera reports : Opera 11.01 is a recommended upgrade offering security and stability enhancements. The following security vulnerabilities have been fixed : - Removed support for 'javascript:' URLs in CSS -o-link values, to make it easier for sites to filter untrusted CSS. - Fixed an issue where...
CVE-2011-0683
Opera before 11.01 does not properly restrict the use of opera: URLs, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web site...
Code injection
Opera before 11.01 does not properly restrict the use of opera: URLs, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web site...
CVE-2011-0683
Opera before 11.01 does not properly restrict the use of opera: URLs, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web site...
CVE-2011-0683
Opera before 11.01 did not properly restrict opera: URLs, enabling clickjacking via a crafted site. A remote attacker could lure a user to a malicious page to perform a clickjacking attack. Affected: Opera up to version 11.00; remediation: upgrade to Opera 11.01 or later where the issue is fixed....
Opera < 11.01 Multiple Vulnerabilities
Binary data 800855.prm...
Opera < 11.01 Multiple Vulnerabilities
Binary data 5747.prm...
Opera < 11.01 Multiple Vulnerabilities
The version of Opera installed on the remote Windows host is earlier than 11.01. Such versions are potentially affected by the following issues : - The Cascading Style Sheets CSS Extensions for XML implementation recognizes links to javascript: URLs in the -o-link property, which could be abused ...
opera -- multiple vulnerabilities
Opera reports: Opera 11.01 is a recommended upgrade offering security and stability enhancements. The following security vulnerabilities have been fixed: Removed support for "javascript:" URLs in CSS -o-link values, to make it easier for sites to filter untrusted CSS. Fixed an issue where large...
Clickjacking attacks may be carried out against internal opera: URLs
Internal opera: URLs which may be used to modify the Opera configuration have some intentional restrictions that are designed to mitigate possible clickjacking attacks. Certain manipulations can trick Opera into bypassing those restrictions, which would then allow clickjacking attacks to be carri...
Clickjacking attacks may be carried out against internal opera: URLs – Opera Security Advisories
Clickjacking attacks may be carried out against internal opera: URLs – Opera Security Advisories OPCOM Team | January 25, 2011 Severity High Description Internal opera: URLs which may be used to modify the Opera configuration have some intentional restrictions that are designed to mitigate possib...
CVE-2011-0003
MediaWiki before 1.16.1, when user or site JavaScript or CSS is enabled, allows remote attackers to conduct clickjacking attacks via unspecified vectors...
DEBIAN-CVE-2011-0003
MediaWiki before 1.16.1, when user or site JavaScript or CSS is enabled, allows remote attackers to conduct clickjacking attacks via unspecified vectors...
CVE-2011-0003
MediaWiki before 1.16.1, when user or site JavaScript or CSS is enabled, allows remote attackers to conduct clickjacking attacks via unspecified vectors...
CVE-2011-0003
MediaWiki before 1.16.1, when user or site JavaScript or CSS is enabled, allows remote attackers to conduct clickjacking attacks via unspecified vectors...
Code injection
MediaWiki before 1.16.1, when user or site JavaScript or CSS is enabled, allows remote attackers to conduct clickjacking attacks via unspecified vectors...
CVE-2011-0003
MediaWiki before 1.16.1, when user or site JavaScript or CSS is enabled, allows remote attackers to conduct clickjacking attacks via unspecified vectors...
CVE-2011-0003
CVE-2011-0003 affects MediaWiki up to version 1.16.0 (before 1.16.1). When user or site JavaScript or CSS is enabled, it allows remote attackers to conduct clickjacking via unspecified vectors. The issue is discussed in multiple advisories (e.g., GLSA-201206-09) and Fedora updates reference CVE-2...
CVE-2011-0003
MediaWiki before 1.16.1, when user or site JavaScript or CSS is enabled, allows remote attackers to conduct clickjacking attacks via unspecified vectors...
CVE-2011-0399
Piwik before 1.1 does not prevent the rendering of the login form inside a frame in a third-party HTML document, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web site...