CVE-2008-5178

Opera 9.62 on Windows is affected by a heap-based buffer overflow when processing long file:// URLs (CVE-2008-5178). Connected advisories (Gentoo GLSA 200903-30 and related Nessus/OpenVAS entries) confirm multiple CVEs in Opera from Dec 2008, including CVE-2008-5679, CV8-5680, CVE-2008-5681/2/3, ...

Opera Web浏览器file://处理器堆溢出漏洞

BUGTRAQ ID: 32323 Opera是一款流行的WEB浏览器，支持多种平台。 Opera Web浏览器的file://处理器没有正确地验证用户提供输入参数，如果用户受骗打开了恶意的HTML文档并向处理器传送了大约16,500个字符的话，就可以触发堆溢出，导致执行任意指令。请注意无法从Internet调用file://处理器，因此访问恶意网页不会触发这个溢出。 Opera Software Opera 9.62 Opera Software -------------- 目前厂商还没有提供补丁或者升级程序，我们建议使用此软件的用户随时关注厂商的主页以获取最新版本：...

Gentoo Security Advisory GLSA 200811-01 (opera)

The remote host is missing updates announced in advisory GLSA 200811-01. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

Opera buffer overflow

Buffer overflow on oversized file:// URI...

FreeBSD Ports: opera, linux-opera

The remote host is missing an update to the system as announced in the referenced advisory. VID 0e30e802-a9db-11dd-93a2-000bcdf0a03b OpenVAS Vulnerability Test $ Description: Auto generated from VID 0e30e802-a9db-11dd-93a2-000bcdf0a03b Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

Opera 9.6x file:// overflow

Hello all - I don't have time for a fancy advisory format, but I did want to disclose an issue. Sometime in early October late September?, around the time Opera 9.6 was released, I noticed that you could get it to crash after supplying the file:// handler with 16,500 characters. I played around...

FreeBSD Ports: opera, linux-opera

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Gentoo Security Advisory GLSA 200811-01 (opera)

The remote host is missing updates announced in advisory GLSA 200811-01. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

opera -- multiple vulnerabilities

The Opera Team reports: Manipulating certain text-area contents can cause a buffer overflow, which may be exploited to execute arbitrary code. Certain HTML constructs can cause the resulting DOM to change unexpectedly, which triggers a crash. To inject code, additional techniques will have to be...

Opera 9.62 file:// Local Heap Overflow Exploit

No description provided by source. html headtitleuh?/title/head body script // ksOSe 11/15/2008 // tested on Windows XP SP3, opera 9.62 international version // vulnerability found by send9 // there are many ways to achieve code execution, tons of function pointers to overwrite. // maybe there's...

opera962-overflow.txt

uh? // ksOSe 11/15/2008 // tested on Windows XP SP3, opera 9.62 international version // vulnerability found by send9 // there are many ways to achieve code execution, tons of function pointers to overwrite. // maybe there's one more reliable... var i=0; // push es, pop es var block =...

Opera 9.62 file:// Local Heap Overflow Exploit

Exploit for unknown platform in category local exploits ============================================== Opera 9.62 file:// Local Heap Overflow Exploit ============================================== uh? // ksOSe 11/15/2008 // tested on Windows XP SP3, opera 9.62 international version // vulnerabili...

Opera 9.62 - file: Local Heap Overflow

Opera 9.62 - file: Local Heap Overflow uh? // ksOSe 11/15/2008 // tested on Windows XP SP3, opera 9.62 international version // vulnerability found by send9 // there are many ways to achieve code execution, tons of function pointers to overwrite. // maybe there's one more reliable... var i=0; //...

Opera 9.62 - 'file://' Local Heap Overflow

uh? // ksOSe 11/15/2008 // tested on Windows XP SP3, opera 9.62 international version // vulnerability found by send9 // there are many ways to achieve code execution, tons of function pointers to overwrite. // maybe there's one more reliable... var i=0; // push es, pop es var block =...

FreeBSD : opera -- multiple vulnerabilities (0e30e802-a9db-11dd-93a2-000bcdf0a03b)

Opera reports : When certain parameters are passed to Opera's History Search, they can cause content not to be correctly sanitized. This can allow scripts to be injected into the History Search results page. Such scripts can then run with elevated privileges and interact with Opera's configuratio...

openSUSE 10 Security Update : opera (opera-5722)

This update to Opera 9.62 fixes a security bug that allowed the execution of arbitrary commands remotely. http://www.opera.com/docs/changelogs/linux/962/ %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Securi...

opera -- multiple vulnerabilities

Opera reports: When certain parameters are passed to Opera's History Search, they can cause content not to be correctly sanitized. This can allow scripts to be injected into the History Search results page. Such scripts can then run with elevated privileges and interact with Opera's configuration...

FreeBSD Ports: opera, linux-opera

The remote host is missing an update to the system as announced in the referenced advisory. VID f5c4d7f7-9f4b-11dd-bab1-001999392805 OpenVAS Vulnerability Test $ Description: Auto generated from VID f5c4d7f7-9f4b-11dd-bab1-001999392805 Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

FreeBSD Ports: opera, linux-opera

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

FreeBSD Ports: opera, linux-opera

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...