Resized canvas patterns can cause Opera to execute arbitrary code

HTML CANVAS elements can use scaled images as patterns. With suitable scaling manipulation of the image, a script can cause Opera to crash. This crash can sometimes cause memory corruption. To inject code, additional techniques will have to be employed...

Image properties can be used to execute scripts – Opera Security Advisories

Image properties can be used to execute scripts – Opera Security Advisories OPCOM Team | December 16, 2008 Severity Highly Severe Problem Description Image properties can contain custom comments. When displaying the image properties, Opera can be tricked into treating the comments as script. This...

Built-in XSLT templates can allow cross-site scripting – Opera Security Advisories

Built-in XSLT templates can allow cross-site scripting – Opera Security Advisories OPCOM Team | December 15, 2008 Severity Highly Severe Problem Description Built-in XSLT templates incorrectly handle escaped content and can cause it to be treated as markup. If a site accepts content from untruste...

Long hostnames in file: URLs can cause execution of arbitrary code – Opera Security Advisories

Long hostnames in file: URLs can cause execution of arbitrary code – Opera Security Advisories OPCOM Team | December 15, 2008 Severity Highly Severe Problem Description Exceptionally long host names in file: URLs can cause a buffer overflow, which may be exploited to execute arbitrary code. Remot...

Script injection in feed preview can reveal contents of unrelated news feeds – Opera Security Advisories

Script injection in feed preview can reveal contents of unrelated news feeds – Opera Security Advisories OPCOM Team | December 15, 2008 Severity Highly Severe Problem Description When Opera is previewing a news feed, some scripted URLs are not correctly blocked. These can execute scripts which ar...

HTML parsing flaw can cause Opera to execute arbitrary code – Opera Security Advisories

HTML parsing flaw can cause Opera to execute arbitrary code – Opera Security Advisories OPCOM Team | December 15, 2008 Severity Extremely Severe Problem Description Certain HTML constructs can cause the resulting DOM to change unexpectedly, which triggers a crash. To inject code, additional...

HTML parsing flaw can cause Opera to execute arbitrary code

Certain HTML constructs can cause the resulting DOM to change unexpectedly, which triggers a crash. To inject code, additional techniques will have to be employed...

Manipulating text input contents can allow execution of arbitrary code – Opera Security Advisories

Manipulating text input contents can allow execution of arbitrary code – Opera Security Advisories OPCOM Team | December 15, 2008 Severity Extremely Severe Problem Description Manipulating certain text-area contents can cause a buffer overflow, which may be exploited to execute arbitrary code...

Design/Logic Flaw

Opera 9.51 on Windows XP does not properly handle 1 multipart/mixed e-mail messages with many MIME parts and possibly 2 e-mail messages with many "Content-type: message/rfc822;" headers, which allows remote attackers to cause a denial of service stack consumption or other resource consumption via...

CVE-2008-5428

Opera 9.51 on Windows XP does not properly handle 1 multipart/mixed e-mail messages with many MIME parts and possibly 2 e-mail messages with many "Content-type: message/rfc822;" headers, which allows remote attackers to cause a denial of service stack consumption or other resource consumption via...

CVE-2008-5428

CVE-2008-5428 applies to Opera 9.51 on Windows XP, where the product mishandles multipart/mixed e-mail messages with many MIME parts and possibly a large number of headers of type Content-type: message/rfc822. The underlying issue is a resource consumption vulnerability that can lead to a denial ...

CVE-2008-5428

Opera 9.51 on Windows XP does not properly handle 1 multipart/mixed e-mail messages with many MIME parts and possibly 2 e-mail messages with many "Content-type: message/rfc822;" headers, which allows remote attackers to cause a denial of service stack consumption or other resource consumption via...

Google Chrome / Opera crossite scripting

Page URL is written to file unfiltered when page is saved...

Cross-browser Code Execution via XSS

Hello 3APA3A! Recently I wrote about cross-browser Code Execution via XSS attack http://websecurity.com.ua/2638/. Earlier I wrote you about Code Execution via XSS in Internet Explorer http://securityvulns.ru/Udocument911.html. In this article I told about Code Execution attack via IE via Cross-Si...

Opera Web Browser Heap Based Buffer Overflow Vulnerability (Windows)

The host is installed with Opera Web Browser and is prone to buffer overflow vulnerability. OpenVAS Vulnerability Test $Id: gboperafileheapbofvulnwin.nasl 6519 2017-07-04 14:08:14Z cfischer $ Opera Web Browser Heap Based Buffer Overflow Vulnerability Windows Authors: Chandan S Copyright: Copyrigh...

Opera Web Browser Heap Based Buffer Overflow Vulnerability - Windows

Opera Web Browser is prone to a buffer overflow vulnerability. SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Heap overflow

Heap-based buffer overflow in Opera 9.62 on Windows allows remote attackers to execute arbitrary code via a long file:// URI. NOTE: this might overlap CVE-2008-5680...

CVE-2008-5178

Heap-based buffer overflow in Opera 9.62 on Windows allows remote attackers to execute arbitrary code via a long file:// URI. NOTE: this might overlap CVE-2008-5680...

DSquare Exploit Pack: D2SEC_OPERAHEAP

Name| d2secoperaheap ---|--- CVE| CVE-2008-5178 Exploit Pack| D2ExploitPack Description| Opera Web Browser file:// Heap Overflow Notes|...

CVE-2008-5178

Heap-based buffer overflow in Opera 9.62 on Windows allows remote attackers to execute arbitrary code via a long file:// URI. NOTE: this might overlap CVE-2008-5680...