4486 matches found
Opera < 9.22 Torrent File Overflow
Binary data 4142.prm...
Opera use-after-free vulnerability
Memory is used after free on BitTorrent headers parsing...
The createPattern function can reveal old data from random places in memory
Opera for Linux, FreeBSD, and Solaris has a flaw in the createPattern function thatleaves old data that was in the memory before Opera allocated itin the new pattern. The pattern can be read and analyzed byJavaScript, so an attacker can get random samples of the user'smemory, which may contain da...
A malicious torrent can cause Opera to execute arbitrary code
Removing a specially crafted torrent from the download managercan crash Opera. The crash is caused by an erroneous memoryaccess.An attacker needs to entice the user to accept the maliciousBitTorrent download, and later remove it from Opera's downloadmanager. To inject code, additional means will...
Opera's HTTP authentication cuts off long server names at the end
Opera's HTTP authentication dialog is displayed when the user enters a Web pagethat requires a login name and a password. To inform the user which server itwas that asked for login credentials, the dialog displays the server name.The user has to see the entire server name. A truncated name can be...
The createPattern function can reveal old data from random places in memory – Opera Security Advisories
The createPattern function can reveal old data from random places in memory – Opera Security Advisories OPCOM Team | July 19, 2007 Summary The createPattern function can reveal old data from random places in memory Severity: moderately severe Problem description Opera for Linux, FreeBSD, and...
data: URLs can spoof trusted trusted sites
data: URLs embed data inside them, instead of linking to an externalresource. Opera can mistakenly display the end of a data URL insteadof the beginning. This allows an attacker to spoof the URL of atrusted site...
Opera’s HTTP authentication cuts off long server names at the end – Opera Security Advisories
Opera’s HTTP authentication cuts off long server names at the end – Opera Security Advisories OPCOM Team | July 19, 2007 Summary Opera’s HTTP authentication dialog cuts off long server name at the right hand end. Severity: Less severe Problem description Opera’s HTTP authentication dialog is...
iDefense Security Advisory 07.19.07: Opera Software Opera Web Browser BitTorrent Dangling Pointer Vulnerability
Opera Software Opera Web Browser BitTorrent Dangling Pointer Vulnerability iDefense Security Advisory 07.19.07 http://labs.idefense.com/intelligence/vulnerabilities/ Jul 19, 2007 I. BACKGROUND Opera is a cross-platform web browser. More information is available at http://www.opera.com/ II...
A malicious torrent can cause Opera to execute arbitrary code – Opera Security Advisories
A malicious torrent can cause Opera to execute arbitrary code – Opera Security Advisories OPCOM Team | July 19, 2007 Summary A malicious torrent file can cause Opera to execute arbitrary code. Severity: High Problem description Removing a specially crafted torrent from the download managercan cra...
data: URLs can spoof trusted trusted sites – Opera Security Advisories
data: URLs can spoof trusted trusted sites – Opera Security Advisories OPCOM Team | July 19, 2007 Summary Opera displays certain data: URLs wrongly, enabling URL spoofing. Severity: Moderately severe Problem description data: URLs embed data inside them, instead of linking to an externalresource...
CVE-2007-3819
Opera 9.21 allows remote attackers to spoof the data: URI scheme in the address bar via a long URI with trailing whitespace, which prevents the beginning of the URI from being displayed...
Design/Logic Flaw
Opera 9.21 allows remote attackers to spoof the data: URI scheme in the address bar via a long URI with trailing whitespace, which prevents the beginning of the URI from being displayed...
CVE-2007-3819
Opera 9.21 allows remote attackers to spoof the data: URI scheme in the address bar via a long URI with trailing whitespace, which prevents the beginning of the URI from being displayed...
CVE-2007-3819
Opera 9.21 is affected by CVE-2007-3819: a vulnerability that lets remote attackers spoof the data: URI scheme in the address bar by providing a long URI with trailing whitespace, which prevents the initial part of the URI from being displayed. This can enable spoofing of the targeted site in the...
Flash Player information disclosure vulnerability
Overview The Adobe Flash player contains an information disclosure vulnerability that affects the Konqueror and Opera web browsers. Description Konqueror is the default web browser for the KDE desktop. Opera is a web browser that is available for Windows, Linux and BSD systems.The Adobe Flash...
Opera Web浏览器运行Adobe Flash播放器未明漏洞
Opera是一款开放源代码的WEB浏览器。 运行在Linux, Solaris或FreeBSD操作系统上的Opera处理Adobe Flash播放器存在未明安全问题,远程攻击者可以利用漏洞获得敏感信息。 目前没有详细漏洞细节提供。 S.u.S.E. openSUSE 10.2 S.u.S.E. Novell Linux Desktop 9 S.u.S.E. Linux Professional 10.0 OSS S.u.S.E. Linux Professional 9.3 x8664 S.u.S.E. Linux Professional 9.3 S.u.S.E. Linux...
kdebase3 flash-player interaction problem
Adobe Macromedia Flash Player 7 and 9, when used with Opera before 9.20 or Konqueror before 20070613, allows remote attackers to obtain sensitive information browser keystrokes, which are leaked to the Flash Player applet...
Design/Logic Flaw
Visual truncation vulnerability in Opera 9.21 allows remote attackers to spoof the address bar and possibly conduct phishing attacks via a long hostname, which is truncated after 34 characters, as demonstrated by a phishing attack using HTTP Basic Authentication...
CVE-2007-3143
Visual truncation vulnerability in Konqueror 3.5.5 allows remote attackers to spoof the address bar and possibly conduct phishing attacks via a long hostname, which is truncated after a certain number of characters, as demonstrated by a phishing attack using HTTP Basic Authentication...