CVE-2008-1080

Opera before 9.26 allows user-assisted remote attackers to read arbitrary files by tricking a user into typing the characters of the target filename into a file input...

CVE-2008-1080

Opera before 9.26 is affected by CVE-2008-1080, CVE-2008-1081, and CVE-2008-1082. The issues stem from input handling in file form fields, image comments, and DOM attribute value representation in imported XML documents, allowing a remote attacker to trigger file path manipulation, script executi...

CVE-2008-1081

Opera prior to 9.26 is affected by CVE-2008-1081, where image comments can be treated as scripts when viewing image properties, enabling a user‑assisted remote attacker to execute arbitrary script. The vulnerability arises from images containing custom comments that are executed as script in the ...

CVE-2008-1081

Opera before 9.26 allows user-assisted remote attackers to execute arbitrary script via images that contain custom comments, which are treated as script when the user displays the image properties...

CVE-2008-1082

Opera before 9.26 is affected by CVE-2008-1082 due to a flaw in handling DOM attribute values of imported XML documents, which allows bypassing sanitization filters and enables cross-site scripting (XSS). This configures a remote attacker to exploit crafted attribute values in an XML document dur...

openSUSE 10 Security Update : opera (opera-5028)

This is a version update for Opera to version 9.26 to fix : - Fixed an issue where simulated text inputs could trick users into uploading arbitrary files, as reported by Mozilla. - Image properties can no longer be used to execute scripts, as reported by Max Leonov. - Fixed an issue where the...

Mozilla Firefox / Opera information leak

Error on BMP files displaying allows to read content of heap memory...

Opera Web浏览器9.26修复多个安全漏洞

BUGTRAQ ID: 27901 Opera是一款流行的WEB浏览器，支持多种平台。 Opera Web浏览器的9.26之前版本中存在多个安全漏洞，可能允许恶意用户执行跨站脚本攻击、泄露敏感信息或绕过某些安全限制。 1 当用户键入文件输入时，脚本可能导致忽略一些键盘动作。如果脚本能够诱骗用户相信正在键入正常的文件输入，而不让用户看到已经忽略了键盘动作，就可能导致输入指向计算机上的文件路径，然后在未经用户交互的情况下上传文件。 2 图形属性中可能包含有自定义标注。在显示图形属性时，Opera可能将这些标注处理为脚本，导致在错误的安全环境中运行脚本。 3...

FreeBSD : opera -- multiple vulnerabilities (30c560ff-e0df-11dc-891a-02061b08fc24)

Opera Software ASA reports about multiple security fixes : - Fixed an issue where simulated text inputs could trick users into uploading arbitrary files, as reported by Mozilla. - Image properties can no longer be used to execute scripts, as reported by Max Leonov. - Fixed an issue where the...

opera -- multiple vulnerabilities

Opera Software ASA reports about multiple security fixes: Fixed an issue where simulated text inputs could trick users into uploading arbitrary files, as reported by Mozilla. Image properties can no longer be used to execute scripts, as reported by Max Leonov. Fixed an issue where the...

Opera < 9.26 Multiple Vulnerabilities

Binary data 4386.prm...

Opera < 9.26 Multiple Vulnerabilities

The version of Opera installed on the remote host reportedly is affected by several issues : - Simulated text input could trick users into uploading arbitrary files. - Image properties comments containing script will be run when displaying the image properties, leading to code execution in the...

Anti-DNS Pinning and Java Applets with Opera and Firefox

Sun Java Runtime Environment JRE in JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.215 and earlier, and SDK and JRE 1.3.120 and earlier, when Firefox or Opera is used, allows remote attackers to violate the security model for JavaScript outbound...

Critical: Red Hat Security Advisory: java-1.4.2-ibm security update

Updated java-1.4.2-ibm packages that fix several security issues are now available for Red Hat Enterprise Linux 3 and 4 Extras, and 5 Supplementary. This update has been rated as having critical security impact by the Red Hat Security Response Team. IBM's 1.4.2 SR10 Java release includes the IBM...

openSUSE 10 Security Update : opera (opera-4858)

Opera released version 9.25 of their browser to fix various security problems. CVE-2007-6520: Fixed an issue where plug-ins could be used to allow cross domain scripting, as reported by David Bloom. Details will be disclosed at a later date. CVE-2007-6521: Fixed an issue with TLS certificates tha...

Opera browser multiple security vulnerabilities

Crossite scripting, problem with TLS certificates, information leak...

GLSA-200712-22 : Opera: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200712-22 Opera: Multiple vulnerabilities David Bloom reported two vulnerabilities where plug-ins CVE-2007-6520 and Rich text editing CVE-2007-6522 could be used to allow cross domain scripting. Alexander Klink Cynops GmbH...

Opera: Multiple vulnerabilities

Background Opera is a fast Web browser that is available free of charge. Description David Bloom reported two vulnerabilities where plug-ins CVE-2007-6520 and Rich text editing CVE-2007-6522 could be used to allow cross domain scripting. Alexander Klink Cynops GmbH discovered an issue with TLS...

Opera Web浏览器JPEG图像处理远程整数溢出漏洞

BUGTRAQ ID: 18594 Opera是一款流行的WEB浏览器，支持多种平台。 Opera Web浏览器在处理JPEG文件时存在整数溢出漏洞，如果在JPEG文件的某些字段指定了过大的高度和宽度值的话，就会触发此漏洞导致执行任意指令。 Opera Software Opera = 8.54 Opera Software -------------- 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载9.0版本 http://www.opera.com a href="a...

RunCMS 1.6 Get Admin Cookie Remote Blind SQL Injection Exploit

No description provided by source. // / RUNCMS 1.6 BLIND SQL Injection Exploit get Admin Cookie / // / exploit get admin cookie that can be used / / to login by pasting it into browser Opera / / and then get access to Admin session / / and change Admins password / / / // // / tested on RUNCMS...