4486 matches found
Buffer overflow
Multiple buffer overflows in Opera before 9.63 might allow (1) remote attackers to execute arbitrary code via a crafted text area, or allow (2) user-assisted remote attackers to execute arbitrary code via a long host name in a file: URL. NOTE: this might overlap CVE-2008-5178...
CVE-2008-5682
CVE-2008-5682 is an XSS vulnerability in the Opera web browser (affecting versions
CVE-2008-5680
CVE-2008-5680 corresponds to multiple buffer overflow vulnerabilities in Opera before 9.63. Specifically, insecure handling in (1) text-area processing and (2) long host names in file:// URLs could allow remote code execution. The combined impact is high: a remote attacker could trigger arbitrary...
CVE-2008-5681
Opera before 9.63 is affected by CVE-2008-5681: the feed preview does not block unspecified scripted URLs, allowing a remote attacker to read existing subscriptions and force subscriptions to arbitrary feed URLs. Gentoo GLSA 200903-30/Opera advisories recommend upgrading to Opera 9.64 or later as...
CVE-2008-5683
Unspecified vulnerability in Opera before 9.63 allows remote attackers to "reveal random data" via unknown vectors...
CVE-2008-5679
The HTML parsing engine in Opera before 9.63 allows remote attackers to execute arbitrary code via crafted web pages that trigger an invalid pointer calculation and heap corruption...
CVE-2008-5681
Opera before 9.63 does not block unspecified "scripted URLs" during the feed preview, which allows remote attackers to read existing subscriptions and force subscriptions to arbitrary feed URLs...
CVE-2008-5680
Multiple buffer overflows in Opera before 9.63 might allow (1) remote attackers to execute arbitrary code via a crafted text area, or allow (2) user-assisted remote attackers to execute arbitrary code via a long host name in a file: URL. NOTE: this might overlap CVE-2008-5178...
CVE-2008-5683
Opera Web Browser Multiple Vulnerabilities (Dec 2008) include CVE-2008-5683, described as an unspecified vulnerability that could reveal random data. Affected product: Opera browser. Impact cited in the Gentoo GLSA/opens vulnerability records; browser upgrade to Opera 9.64 or later is advised as ...
CVE-2008-5682
Cross-site scripting (XSS) vulnerability in Opera before 9.63 allows remote attackers to inject arbitrary web script or HTML via built-in XSLT templates...
CVE-2008-5679
CVE-2008-5679 affects the Opera web browser (operating on multiple platforms). The issue is in the HTML parsing engine where processing crafted pages triggers an invalid pointer calculation, leading to heap corruption. This vulnerability, part of a set of issues (CVE-2008-5178, CVE-2008-5680–5683...
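Opera Web Browser 9.63 Fixes Multiple Security Vulnerabilities
BUGTRAQ ID: 32864 Opera is a popular web browser that supports multiple platforms. Multiple security vulnerabilities exist in Opera versions before 9.63 that may allow malicious users to perform cross-site scripting, disclose sensitive information, or cause a denial of service. (1) Manipulating the contents of certain text areas can trigger a buffer overflow, leading to arbitrary code execution. (2) Certain HTML constructs can cause unexpected changes to the DOM, triggering a crash. (3) An overly long host name in a file: URL can trigger a buffer overflow, leading to arbitrary code execution. Remote web pages cannot reference file: URLs, so an attacker must trick the user into manually opening the URL, or a local file that references the URL, in order to exploit this vulnerability. (4)...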
Certain characters can be used to allow cross-site scripting – Opera Security Advisories
Certain characters can be used to allow cross-site scripting – Opera Security Advisories OPCOM Team | December 17, 2008 Severity Highly Severe Problem Description When accepting HTML content from untrusted users, Web sites sometimes employ some kind of filtering to ensure that the content cannot...
n.runs-SA-2008.010 - Opera HTML parsing Code Execution
n.runs AG http://www.nruns.com/ securityatnruns.com n.runs-SA-2008.010 16-Dec-2008 Vendor: Opera Software ASA, http://www.opera.com Affected Products: Opera Browser all platforms Vulnerability: HTML parsing flaw lead to remote code execution Risk: HIG...
Opera memory corruption
Heap corruption on HTML parsing...
Registering Opera as a protocol handler can allow it to be used to execute arbitrary code
When an application attempts to access a URL that uses a protocol that it does not understand, it may choose to pass the URL to a registered handler for that protocol. If that registered handler is Opera, it will be started, passing the URL to open. Some external applications do not ensure that t...
History Search can be used to execute arbitrary code
When certain parameters are passed to Opera's History Search, they can cause content not to be correctly sanitized. This can allow scripts to be injected into the History Search results page. Such scripts can then run with elevated privileges and interact with Opera's configuration, allowing them...
A JPEG image with a malformed header can crash Opera
A specially crafted DHT marker in the JPEG file header can cause a heap overflow. The malformed image alone will only cause a crash. To exploit the flaw, the computer's memory must first be filled up with code of the attacker's choice. This is not trivial to do reliably, so attempted attacks will oft...
Image properties can be used to execute scripts
Image properties can contain custom comments. When displaying the image properties, Opera can be tricked into treating the comments as script. This can cause the script to be run in the wrong security context...
Insecure pages can show incorrect security information – Opera Security Advisories
Insecure pages can show incorrect security information – Opera Security Advisories OPCOM Team | December 16, 2008 Severity Less Severe Problem Description When insecure pages load content from secure sites into a frame, they can cause Opera to incorrectly report the insecure site as being secure...