DoS vulnerabilities in Firefox, Internet Explorer, Opera and Chrome

Здравствуйте 3APA3A! Сообщаю вам о найденных мною Denial of Service уязвимостях в браузерах Mozilla Firefox, Internet Explorer, Opera та Google Chrome. Данную атаку я назвал DoS через ифреймы DoS via iframes attack. И она относится к типу DoS http://websecurity.com.ua/2550/ через потребление...

Opera Web Browser Multiple Vulnerabilities (Dec 2008) - Windows

Opera web browser is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mozilla Firefox, Microsoft Internet Explorer, Opera and Google Chrome DoS

Printing irame in endless loop from javascript causes resources exhaustion and leads to browser hang...

Opera Web Browser Multiple Vulnerabilities - Dec08 (Windows)

The host is installed with Opera web browser and is prone to multiple Vulnerabilities. OpenVAS Vulnerability Test $Id: secpodoperamultvulndec08win.nasl 6519 2017-07-04 14:08:14Z cfischer $ Opera Web Browser Multiple Vulnerabilities - Dec08 Windows Authors: Chandan S Copyright: Copyright c 2008...

Opera Web Browser Multiple Vulnerabilities - Dec08 (Linux)

The host is installed with Opera web browser and is prone to multiple Vulnerabilities. OpenVAS Vulnerability Test $Id: secpodoperamultvulndec08lin.nasl 6539 2017-07-05 12:02:14Z cfischer $ Opera Web Browser Multiple Vulnerabilities - Dec08 Linux Authors: Chandan S Copyright: Copyright c 2008...

Opera Web Browser Multiple Vulnerabilities (Dec 2008) - Linux

Opera web browser is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

FreeBSD Ports: opera, linux-opera

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

FreeBSD Ports: opera, linux-opera

The remote host is missing an update to the system as announced in the referenced advisory. VID 225bc349-ce10-11dd-a721-0030843d3802 OpenVAS Vulnerability Test $ Description: Auto generated from VID 225bc349-ce10-11dd-a721-0030843d3802 Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

openSUSE 10 Security Update : opera (opera-5867)

Opera 9.63 fixes the following security problems : - Manipulating text input contents can allow execution of arbitrary code - HTML parsing flaw can cause Opera to execute arbitrary code. - Long hostnames in file: URLs can cause execution of arbitrary code. - Script injection in feed preview can...

FreeBSD : opera -- multiple vulnerabilities (225bc349-ce10-11dd-a721-0030843d3802)

The Opera Team reports : Manipulating certain text-area contents can cause a buffer overflow, which may be exploited to execute arbitrary code. Certain HTML constructs can cause the resulting DOM to change unexpectedly, which triggers a crash. To inject code, additional techniques will have to be...

CVE-2008-5683

Unspecified vulnerability in Opera before 9.63 allows remote attackers to "reveal random data" via unknown vectors...

Cross site scripting

Cross-site scripting XSS vulnerability in Opera before 9.63 allows remote attackers to inject arbitrary web script or HTML via built-in XSLT templates...

Design/Logic Flaw

The HTML parsing engine in Opera before 9.63 allows remote attackers to execute arbitrary code via crafted web pages that trigger an invalid pointer calculation and heap corruption...

Security feature bypass

Unspecified vulnerability in Opera before 9.63 allows remote attackers to "reveal random data" via unknown vectors...

CVE-2008-5681

Opera before 9.63 does not block unspecified "scripted URLs" during the feed preview, which allows remote attackers to read existing subscriptions and force subscriptions to arbitrary feed URLs...

CVE-2008-5679

The HTML parsing engine in Opera before 9.63 allows remote attackers to execute arbitrary code via crafted web pages that trigger an invalid pointer calculation and heap corruption...

CVE-2008-5680

Multiple buffer overflows in Opera before 9.63 might allow 1 remote attackers to execute arbitrary code via a crafted text area, or allow 2 user-assisted remote attackers to execute arbitrary code via a long host name in a file: URL. NOTE: this might overlap CVE-2008-5178...

Design/Logic Flaw

Opera before 9.63 does not block unspecified "scripted URLs" during the feed preview, which allows remote attackers to read existing subscriptions and force subscriptions to arbitrary feed URLs...

CVE-2008-5679

The HTML parsing engine in Opera before 9.63 allows remote attackers to execute arbitrary code via crafted web pages that trigger an invalid pointer calculation and heap corruption...

CVE-2008-5682

Cross-site scripting XSS vulnerability in Opera before 9.63 allows remote attackers to inject arbitrary web script or HTML via built-in XSLT templates...