Lucene search

4486 matches found

Prion
added 2007/12/24 8:46 p.m. | 17 views

Design/Logic Flaw

Algorithmic complexity vulnerability in Opera 9.50 beta and 9.x before 9.25 allows remote attackers to cause a denial of service (CPU consumption) via a crafted bitmap (BMP) file that triggers a large number of calculations and checks...

7.8 CVSS | 6.7 AI score | 0.01346 EPSS
Exploits 1 | References 6 | Affected Software 1

CVE
added 2007/12/24 8:0 p.m. | 57 views

CVE-2007-6524

Technical details for CVE-2007-6524 are not provided in the connected documents. The initial description mentions a memory-content leak via BMP in Opera before 9.25, but no concrete affected versions, root cause, impact, or fixes are included here. Monitor for updates.

7.8 CVSS | 5.9 AI score | 0.01297 EPSS
Exploits 1 | References 17 | Affected Software 1

Cvelist
added 2007/12/24 8:0 p.m. | 26 views

CVE-2007-6524

Opera before 9.25 allows remote attackers to obtain potentially sensitive memory contents via a crafted bitmap (BMP) file, as demonstrated using a CANVAS element and JavaScript in an HTML document for copying these contents from 9.50 beta, a related issue to CVE-2008-0420...

6 AI score | 0.01297 EPSS
Exploits 1 | References 17

CVE
added 2007/12/24 8:0 p.m. | 46 views

CVE-2007-6523

CVE-2007-6523 affects Opera 9.50 beta and Opera 9.x prior to 9.25. The issue is a vulnerability in the handling of bitmap (BMP) files where a crafted BMP can trigger a large number of calculations and checks, leading to high CPU usage and a potential denial of service. The root cause is described...

7.8 CVSS | 6.4 AI score | 0.01346 EPSS
Exploits 1 | References 6 | Affected Software 1

CVE
added 2007/12/24 8:0 p.m. | 45 views

CVE-2007-6521

Opera before 9.25 is affected by a heap-based buffer overflow during TLS certificate parsing (specifically subject alternative names in X.509 certificates), which can allow remote attackers to cause a crash or execute arbitrary code. This vulnerability (CVE-2007-6521) was addressed in Opera 9.25,...

10 CVSS | 7.3 AI score | 0.16399 EPSS
Exploits 1 | References 12 | Affected Software 1

Cvelist
added 2007/12/24 8:0 p.m. | 27 views

CVE-2007-6522

The rich text editing functionality in Opera before 9.25 allows remote attackers to conduct cross-domain scripting attacks by using designMode to modify contents of pages in other domains...

6 AI score | 0.01361 EPSS
Exploits 1 | References 13

CVE
added 2007/12/24 8:0 p.m. | 64 views

CVE-2007-6520

Opera before 9.25 contains multiple vulnerabilities (CVE-2007-6520, CVE-2007-6521, CVE-2007-6522, CVE-2007-6524) that enable cross-domain scripting via plug-ins, TLS certificate handling that could allow arbitrary code execution, and memory disclosure through BMP/file handling. The issues affect ...

4.3 CVSS | 5.9 AI score | 0.00881 EPSS
Exploits 1 | References 12 | Affected Software 1

CVE
added 2007/12/24 8:0 p.m. | 59 views

CVE-2007-6522

Opera prior to version 9.25 contains CVE-2007-6522 where rich text editing via designMode can be abused to perform cross-domain scripting. The vulnerability’s impact is described as enabling cross-site scripting by modifying contents in pages on other domains, with associated risk of information ...

4.3 CVSS | 5.9 AI score | 0.01361 EPSS
Exploits 1 | References 13 | Affected Software 1

Cvelist
added 2007/12/24 8:0 p.m. | 23 views

CVE-2007-6523

Algorithmic complexity vulnerability in Opera 9.50 beta and 9.x before 9.25 allows remote attackers to cause a denial of service (CPU consumption) via a crafted bitmap (BMP) file that triggers a large number of calculations and checks...

6.4 AI score | 0.01346 EPSS
Exploits 1 | References 6

Cvelist
added 2007/12/24 8:0 p.m. | 25 views

CVE-2007-6520

Opera before 9.25 allows remote attackers to conduct cross-domain scripting attacks via unknown vectors related to plug-ins...

6 AI score | 0.00881 EPSS
Exploits 1 | References 12

Cvelist
added 2007/12/24 8:0 p.m. | 23 views

CVE-2007-6521

Unspecified vulnerability in Opera before 9.25 allows remote attackers to execute arbitrary code via crafted TLS certificates...

7.3 AI score | 0.16399 EPSS
Exploits 1 | References 12

Tenable Nessus
added 2007/12/24 12:0 a.m. | 31 views

FreeBSD : opera -- multiple vulnerabilities (31b045e7-ae75-11dc-a5f9-001a4d49522b)

Opera Software ASA reports about multiple security fixes : - Fixed an issue where plug-ins could be used to allow cross domain scripting, as reported by David Bloom. Details will be disclosed at a later date. - Fixed an issue with TLS certificates that could be used to execute arbitrary code, as...

10 CVSS | 5.2 AI score | 0.16399 EPSS
Exploits 1 | References 7

Tenable Nessus
added 2007/12/19 12:0 a.m. | 25 views

Opera < 9.25 Multiple Vulnerabilities

Binary data 4323.prm...

10 CVSS | 7.3 AI score | 0.16399 EPSS
Exploits 3 | References 11

FreeBSD
added 2007/12/19 12:0 a.m. | 24 views

opera -- multiple vulnerabilities

Opera Software ASA reports about multiple security fixes: Fixed an issue where plug-ins could be used to allow cross domain scripting, as reported by David Bloom. Details will be disclosed at a later date. Fixed an issue with TLS certificates that could be used to execute arbitrary code, as...

4.3 CVSS | 7 AI score | 0.00881 EPSS
Exploits 1 | References 2

Tenable Nessus
added 2007/12/13 12:0 a.m. | 28 views

SuSE 10 Security Update : flash-player (ZYPP Patch Number 3890)

The Adobe Flash Player was updated to version 7.0.70.0 for Novell Linux Desktop 9 and to version 9.0.48.0 on SUSE Linux Enterprise Desktop 10 to fix several security problems : - An input validation error has been identified in Flash Player 9.0.45.0 and earlier versions that could lead to the...

9.3 CVSS | 5.9 AI score | 0.633 EPSS
Exploits 0 | References 6

seebug.org
added 2007/12/10 12:0 a.m. | 16 views

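Opera Web Browser Bitmap File RLE Remote Denial of Service Vulnerability

Opera is an open-source web browser. Opera has a flaw in its handling of BMP files that remote attackers can exploit to make the browser stop responding, causing a denial of service. An attacker who specially crafts a BMP file with the maximum width whose data is filled with 00 02 FF FF opcodes, and lures a user into visiting with Opera a web page that displays the BMP file through multiple img tags, can cause the application to stop responding, resulting in a denial of service. Opera Software Opera Web Browser 9.50 beta Opera Software Opera Web Browser 9.24 No solution is currently available: http://www.opera.com/...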

7.1 AI score
Exploits 0

seebug.org
added 2007/12/09 12:0 a.m. | 36 views

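Opera Web Browser Bitmap File RLE Remote Denial of Service Vulnerability

BUGTRAQ ID: 26721 Opera is a popular web browser that supports multiple platforms. Opera has a vulnerability in its handling of malformed BMP files that can cause a substantial drop in system performance for a period of time. BMP files allow run-length encoding of 4-bit and 8-bit bitmaps. The RLE used in the BMP format has some extra features, such as moving the write pointer to another row and column (00 02 XX YY). Opera's algorithm for implementing the 00 02 XX YY feature is too slow: a normal decompression algorithm adds XX and YY width to the write pointer, whereas Opera's implementation performs XX + YY width increments, each of which runs its own checks and other calculations. An attacker can create a BMP file of the maximum width (about 32000 pixels), using 00 02 FF F...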

6.9 AI score
Exploits 0

securityvulns
added 2007/12/06 12:0 a.m. | 110 views

Opera 9.50 beta and prior remote DoS (freeze)

Name : Opera 9.50 beta / 9.24 Remote DoS Type : Remote DoS Credits: Gynvael Coldwind of Vexillium & Simey Impact : Low Short description Opera is vulnerable to a remote DoS attack, using specially crafted BMP files, that causes the browser to freeze for a short amount of time around 4 minutes on...

7.1 AI score
Exploits 0

securityvulns
added 2007/12/06 12:0 a.m. | 21 views

Opera CPU exhaustion

BMP file in special format causes CPU exhaustion...

1.8 AI score
Exploits 0 | References 1 | Affected Software 1

seebug.org
added 2007/11/27 12:0 a.m. | 10 views

Apple QuickTime 7.2/7.3 RTSP Response Universal Exploit (IE7/FF/Opera)

No description provided by source. !/usr/bin/python http://www.offensive-security.com Bug discovered by Krystian Kloskowski h07 [email protected] Tested on: Apple QuickTime Player 7.3 / 7.2 IE7,FF /Opera, XP SP2, Vista...

7.1 AI score
Exploits 0