4486 matches found
openSUSE 10 Security Update : opera (opera-4575)
This version update of Opera to 9.24 fixes numerous defects including some security problems. CVE-2007-5540,CVE-2007-5541 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update opera-4575. The text...
CVE-2003-1420
Cross-site scripting XSS vulnerability in Opera 6.0 through 7.0 with automatic redirection disabled allows remote attackers to inject arbitrary web script or HTML via the HTTP Location header...
CVE-2003-1420
CVE-2003-1420 is a documented XSS vulnerability in Opera versions 6.0 through 7.0, where remote attackers could inject arbitrary script or HTML by abusing the HTTP Location header when automatic redirection is disabled. The vulnerability arises from how Opera handles redirects, enabling arbitrary...
Opera浏览器远程代码执行及绕过同源策略漏洞
BUGTRAQ ID: 26100,26102 CVECAN ID: CVE-2007-5540,CVE-2007-5541 Opera是一款流行的WEB浏览器,支持多种平台。 Opera的实现上存在多个漏洞,远程攻击者可能利用这些漏洞控制用户系统。 如果用户将Opera配置为使用外部新闻组客户端或邮件应用程序的话,特制的网页可能导致Opera错误地运行该应用程序,在某些情况下这可能导致执行任意指令。 在访问不同站点的帧的时候,特制的脚本可能绕过同源策略覆盖这些帧的函数。如果之后页面的脚本运行了这些函数的话,就可能导致在目标站点的环境中运行攻击者所提供的脚本。 Opera Softwar...
CVE-2003-1387
CVE-2003-1387 : A buffer overflow in Opera 6.05 and 6.06 (and possibly other versions) can be triggered by a URL containing a long username, allowing a remote attacker to potentially execute arbitrary code. The connected NVD entry confirms the vulnerability details but does not specify a patch ve...
CVE-2003-1388
Buffer overflow in Opera 7.02 Build 2668 allows remote attackers to crash Opera via a long HTTP request ending in a .ZIP extension...
CVE-2003-1397
The PluginContext object of Opera 6.05 and 7.0 allows remote attackers to cause a denial of service crash via an HTTP request containing a long string that gets passed to the ShowDocument method...
CVE-2003-1388
CVE-2003-1388 describes a buffer overflow in Opera 7.02 Build 2668 that can be triggered by a long HTTP request ending with a .ZIP extension, allowing a remote attacker to crash the browser. The affected software is Opera (version 7.02, build 2668). The underlying cause is a buffer overflow in th...
CVE-2003-1387
Buffer overflow in Opera 6.05 and 6.06, and possibly other versions, allows remote attackers to execute arbitrary code via a URL with a long username...
CVE-2003-1397
The CVE-2003-1397 entry affects Opera 6.05 and Opera 7.0. A crafted HTTP request containing a long string is passed to the ShowDocument method via the PluginContext object, causing a denial of service (crash). The provided documents state this as the vulnerability without detailing exploitable st...
CVE-2003-1396
CVE-2003-1396 describes a heap-based buffer overflow in Opera versions 6.05 through 7.10 triggered by a filename with a long extension. This enables remote attackers to cause a denial of service (crash) and possibly execute arbitrary code. The root cause is a vulnerable handling of file extension...
CVE-2003-1396
Heap-based buffer overflow in Opera 6.05 through 7.10 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via a filename with a long extension...
Design/Logic Flaw
Unspecified vulnerability in Opera before 9.24, when using an "external" newsgroup or e-mail client, allows remote attackers to execute arbitrary commands via unknown vectors...
CVE-2007-5540
Unspecified vulnerability in Opera before 9.24 allows remote attackers to overwrite functions on pages from other domains and bypass the same-origin policy via unknown vectors...
CVE-2007-5541
Unspecified vulnerability in Opera before 9.24, when using an "external" newsgroup or e-mail client, allows remote attackers to execute arbitrary commands via unknown vectors...
Design/Logic Flaw
Unspecified vulnerability in Opera before 9.24 allows remote attackers to overwrite functions on pages from other domains and bypass the same-origin policy via unknown vectors...
Design/Logic Flaw
Unspecified vulnerability in Adobe Flash Player 9.0.47.0 and earlier, when running on Opera before 9.24 on Mac OS X, has unknown "Highly Severe" impact and unknown attack vectors...
CVE-2007-5540
Unspecified vulnerability in Opera before 9.24 allows remote attackers to overwrite functions on pages from other domains and bypass the same-origin policy via unknown vectors...
CVE-2007-5476
Unspecified vulnerability in Adobe Flash Player 9.0.47.0 and earlier, when running on Opera before 9.24 on Mac OS X, has unknown "Highly Severe" impact and unknown attack vectors...
CVE-2007-5541
Unspecified vulnerability in Opera before 9.24, when using an "external" newsgroup or e-mail client, allows remote attackers to execute arbitrary commands via unknown vectors...