4486 matches found
Cross site scripting
Unspecified vulnerability in Opera before 9.5 allows remote attackers to read cross-domain images via HTML CANVAS elements that use the images as patterns...
CVE-2008-2716
Unspecified vulnerability in Opera before 9.5 allows remote attackers to spoof the contents of trusted frames on the same parent page by modifying the location, which can facilitate phishing attacks...
Design/Logic Flaw
Unspecified vulnerability in Opera before 9.5 allows remote attackers to spoof the contents of trusted frames on the same parent page by modifying the location, which can facilitate phishing attacks...
CVE-2008-2715
Unspecified vulnerability in Opera before 9.5 allows remote attackers to read cross-domain images via HTML CANVAS elements that use the images as patterns...
CVE-2008-2716
Unspecified vulnerability in Opera before 9.5 allows remote attackers to spoof the contents of trusted frames on the same parent page by modifying the location, which can facilitate phishing attacks...
CVE-2008-2714
Opera before 9.26 allows remote attackers to misrepresent web page addresses using "certain characters" that "cause the page address text to be misplaced."...
CVE-2008-2714
Summary: CVE-2008-2714 affects Opera before 9.26, where remote attackers could misrepresent web page addresses by using certain characters that cause the address text to be misplaced. Impact (as stated): The issue enables manipulation of how a page address is displayed, potentially enabling phish...
CVE-2008-2716
CVE-2008-2716 affects Opera before 9.5, where an unspecified vulnerability could allow remote attackers to spoof contents of trusted frames on the same parent page by modifying the location, enabling phishing. Public references indicate this CVE was addressed in Opera 9.50 via security updates (e...
CVE-2008-2715
Summary: CVE-2008-2715 is an unspecified vulnerability in Opera prior to 9.5 that could allow remote attackers to read cross-domain images via HTML CANVAS elements that use the images as patterns. This vulnerability is reflected in multiple advisories (SUSE/OpenSUSE patches; NVD entry) and is add...
CVE-2008-2715
Unspecified vulnerability in Opera before 9.5 allows remote attackers to read cross-domain images via HTML CANVAS elements that use the images as patterns...
Opera Web浏览器9.5版本修复多个漏洞
BUGTRAQ ID: 29684 Opera是一款流行的WEB浏览器,支持多种平台。 Opera的9.5之前版本中存在多个安全漏洞,可能允许恶意用户泄露敏感信息或执行欺骗攻击。 1 地址栏中显示某些字符时的错误可能允许站点的地址栏类似于其他站点的地址,这有助于网络钓鱼攻击。 2 HTML CANVAS单元可以使用图形作为模板,而脚本可以使用该图形数据。如果图形是从其他站点检索到时,就不应允许脚本使用图形数据。Opera检查图形来源的方式存在漏洞,可能导致向脚本泄露图形数据。 3...
Opera < 9.50 Multiple Vulnerabilities
The version of Opera installed on the remote host reportedly is affected by several issues : - Improper handling of special characters in page addresses can make addresses look like other ones, aiding in phishing attacks. - Specially crafted HTML canvas elements could violate the same-origin imag...
Pages held in frames are able to change the location of pages in unrelated frames on the parent page – Opera Security Advisories
Pages held in frames are able to change the location of pages in unrelated frames on the parent page – Opera Security Advisories OPCOM Team | June 11, 2008 Severity: Less Severe Problem Description: Pages from different sources held on the same parent page should not be able to modify the locatio...
Certain characters can obscure the page address – Opera Security Advisories
Certain characters can obscure the page address – Opera Security Advisories OPCOM Team | June 9, 2008 Severity: Less Severe Problem Description When a page address contains certain characters, they can cause the page address text to be misplaced. In some cases, this could make characters be...
Images can be read cross-domain with canvas – Opera Security Advisories
Images can be read cross-domain with canvas – Opera Security Advisories OPCOM Team | June 9, 2008 Severity: Less Severe Problem Description HTML CANVAS elements can use images as patterns, and that image data is made available to scripts. When the images are retrieved from other Web sites, the...
[Full-disclosure] Opera - heap based buffer overflow (CVE-2007-6521)
============================================ ||| Security Advisory AKLINK-SA-2008-006 ||| ||| CVE-2007-6521 CVE candidate ||| ============================================ Opera - heap-based buffer overflow ================================== Date released: 28.05.2007 Date reported: 05.10.2007...
Opera Web浏览器9.25版本修复多个漏洞
BUGTRAQ ID: 26937 CVECAN ID: CVE-2007-6520,CVE-2007-6521,CVE-2007-6522,CVE-2007-6524 Opera是一款流行的WEB浏览器,支持多种平台。 Opera Web浏览器的9.25之前版本中存在多个安全漏洞,可能允许恶意用户执行跨站脚本攻击、泄露敏感信息、导致拒绝服务或执行任意代码。 1 某些插件可能导致跨站脚本攻击。 2 在连接到TLS保护的站点时,Opera会解析包含有主题替换名称的X.509证书。如果证书带有特制的主题替换名称的话,就会在Opera中触发堆溢出,导致拒绝服务或执行任意代码。 3...
Opera buffer overflow
Buffer overflow on TLS certificate parsing...
exteen-disclose.txt
========================================================== Exteen Blog XSS Remote Cookie Disclosure Exploit ========================================================== AUTHOR : CWH Underground DATE : 22 May 2008 SITE : www.citec.us APPLICATION : Exteen Blog VENDOR : www.exteen.com --- Vulnerable...
Exteen Blog XSS Remote Cookie Disclosure Exploit
========================================================== Exteen Blog XSS Remote Cookie Disclosure Exploit ========================================================== AUTHOR : CWH Underground DATE : 22 May 2008 SITE : www.citec.us APPLICATION : Exteen Blog VENDOR : www.exteen.com --- Vulnerable...