4486 matches found
Cross site request forgery (csrf)
Opera before 12.13 does not send CORS preflight requests in all required cases, which allows remote attackers to bypass a CSRF protection mechanism via a crafted web site that triggers a CORS request...
Code injection
Opera before 12.13 allows remote attackers to execute arbitrary code via vectors involving DOM events...
Code injection
Opera before 12.13 allows remote attackers to execute arbitrary code via crafted clipPaths in an SVG document...
CVE-2013-1638
Opera before 12.13 allows remote attackers to execute arbitrary code via crafted clipPaths in an SVG document...
CVE-2013-1639
Opera before 12.13 fails to send CORS preflight requests in all required cases, allowing a remote attacker to bypass CSRF protection via a crafted site that triggers a CORS request. The connected Gentoo/OpenVAS entries corroborate Opera as the affected product and advise upgrading to Opera 12.13_...
CVE-2013-1638
Opera before 12.13 is affected by CVE-2013-1638, allowing remote code execution via crafted SVG clipPaths. The connected advisories confirm the vulnerability in Opera and advise upgrading to a version containing the fix (e.g., Opera 12.13+). Remediation: upgrade to the latest Opera package that i...
CVE-2013-1637
Opera before 12.13 allows remote attackers to execute arbitrary code via vectors involving DOM events...
CVE-2013-1637
Opera pre-12.13 is vulnerable to remote code execution via DOM event vectors (CVE-2013-1637). Connected sources (SUSE GLSA 201406-14 and OpenVAS entries) confirm affected package: Opera with vulnerabilities described as multiple DOM-event related flaws enabling arbitrary code execution. The OpenV...
CVE-2013-1639
Opera before 12.13 does not send CORS preflight requests in all required cases, which allows remote attackers to bypass a CSRF protection mechanism via a crafted web site that triggers a CORS request...
Opera SVG Use After Free Vulnerability
Exploit for windows platform in category dos / poc !CDATA //Author=Cons0ul var b = new Array; // this is our spray function where spray is allocated on LFH with exact size 0x78 // so 0x78 size of block is created so far we are creating 0x50000 blocks // to create 0x78 blocks we are using...
Opera SVG - Use-After-Free
Opera SVG - Use-After-Free !CDATA //Author=Cons0ul var b = new Array; // this is our spray function where spray is allocated on LFH with exact size 0x78 // so 0x78 size of block is created so far we are creating 0x50000 blocks // to create 0x78 blocks we are using ArrayBuffer; function fengshui...
Opera SVG Use-After-Free
!CDATA //Author=Cons0ul var b = new Array; // this is our spray function where spray is allocated on LFH with exact size 0x78 // so 0x78 size of block is created so far we are creating 0x50000 blocks // to create 0x78 blocks we are using ArrayBuffer; function fengshui...
Opera SVG - Use-After-Free
!CDATA //Author=Cons0ul var b = new Array; // this is our spray function where spray is allocated on LFH with exact size 0x78 // so 0x78 size of block is created so far we are creating 0x50000 blocks // to create 0x78 blocks we are using ArrayBuffer; function fengshui...
FreeBSD : opera -- execution of arbitrary code (ea0f45e2-6c4b-11e2-98d9-003067c2616f)
Opera reports : Particular DOM event manipulations can cause Opera to crash. In some cases, this crash might occur in a way that allows execution of arbitrary code. To inject code, additional techniques would have to be employed. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptiv...
CVE-2013-1489
Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 10 and Update 11, when running on Windows using Internet Explorer, Firefox, Opera, and Google Chrome, allows remote attackers to bypass the "Very High" security level of the Java Control Panel and...
Security feature bypass
Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 10 and Update 11, when running on Windows using Internet Explorer, Firefox, Opera, and Google Chrome, allows remote attackers to bypass the "Very High" security level of the Java Control Panel and...
Opera < 12.13 Multiple Vulnerabilities
Binary data 6680.prm...
Opera < 12.13 Multiple Vulnerabilities
Binary data 800848.prm...
Opera Browser Update Patches Remote Code Execution Vulnerabilities
A number of security vulnerabilities were repaired in the latest version of the Opera browser, which was released today. However, a security researcher says that users who downloaded the browser from Apple’s Mac App Store won’t have access to version 12.13; in fact you’ll be two revs behind as of...
opera -- execution of arbitrary code
Opera reports: Particular DOM event manipulations can cause Opera to crash. In some cases, this crash might occur in a way that allows execution of arbitrary code. To inject code, additional techniques would have to be employed...