CVE-2007-1737

Opera 9.10 does not check URLs embedded in 1 object or 2 iframe HTML tags against the phishing site blacklist, which allows remote attackers to bypass phishing protection...

CVE-2007-1737

Opera 9.10 does not check URLs embedded in 1 object or 2 iframe HTML tags against the phishing site blacklist, which allows remote attackers to bypass phishing protection...

CVE-2007-1737

Opera 9.10 does not check URLs embedded in 1 object or 2 iframe HTML tags against the phishing site blacklist, which allows remote attackers to bypass phishing protection...

CVE-2007-1737

Opera 9.10 is affected: URLs embedded in object or iframe HTML tags are not checked against the phishing site blacklist, allowing bypass of phishing protection. Root cause is the failure to validate these embedded URLs. Impact is bypass of anti-phishing checks; explicit exploit details or in-the-...

Bypass phishing protection in Firefox / Opera

Hi, i've tested a simple way to bypass the phishing protection in Firefox 2.0.0.3 and Opera 9.10. Aparently both browsers fails to detect a phishing site if it is embeded in an IFRAME / OBJECT label. I've released some demostrations to test the above: http://zonafirefox.googlepages.com/prueba.htm...

CVE-2007-1563

The FTP protocol implementation in Opera 9.10 allows remote attackers to allows remote servers to force the client to connect to other servers, perform a proxied port scan, or obtain sensitive information by specifying an alternate server address in an FTP PASV response...

Design/Logic Flaw

The FTP protocol implementation in Opera 9.10 allows remote attackers to allows remote servers to force the client to connect to other servers, perform a proxied port scan, or obtain sensitive information by specifying an alternate server address in an FTP PASV response...

CVE-2007-1563

The FTP protocol implementation in Opera 9.10 allows remote attackers to allows remote servers to force the client to connect to other servers, perform a proxied port scan, or obtain sensitive information by specifying an alternate server address in an FTP PASV response...

CVE-2007-1563

CVE-2007-1563 affects Opera (notably Opera 9.10) where the FTP PASV response can be manipulated to force the client to connect to arbitrary servers, enabling proxied port scans and potential exposure of sensitive information. The primary affected component is Opera’s FTP protocol implementation, ...

CVE-2007-1563

The FTP protocol implementation in Opera 9.10 allows remote attackers to allows remote servers to force the client to connect to other servers, perform a proxied port scan, or obtain sensitive information by specifying an alternate server address in an FTP PASV response...

Opera 9.x - FTP PASV Port-Scanning

source: https://www.securityfocus.com/bid/23089/info Opera is prone to vulnerability that may allow attackers to obtain potentially sensitive information. A successful exploit of this issue would cause the affected application to connect to arbitrary TCP ports and potentially reveal sensitive...

Opera 9.x - FTP PASV Port-Scanning

Opera 9.x - FTP PASV Port-Scanning source: https://www.securityfocus.com/bid/23089/info Opera is prone to vulnerability that may allow attackers to obtain potentially sensitive information. A successful exploit of this issue would cause the affected application to connect to arbitrary TCP ports a...

CVE-2007-1377

AcroPDF.DLL in Adobe Reader 8.0, when accessed from Mozilla Firefox, Netscape, or Opera, allows remote attackers to cause a denial of service unspecified resource consumption via a .pdf URL with an anchor identifier that begins with search= followed by many %n sequences, a different vulnerability...

CVE-2007-1377

AcroPDF.DLL in Adobe Reader 8.0, when accessed from Mozilla Firefox, Netscape, or Opera, allows remote attackers to cause a denial of service unspecified resource consumption via a .pdf URL with an anchor identifier that begins with search= followed by many %n sequences, a different vulnerability...

Opera 9.10 - Configuration Overwrite (Metasploit)

Opera 9.10 - Configuration Overwrite Metasploit $Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/...

Opera 9.10 - Configuration Overwrite (Metasploit)

$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3...

Cross site scripting

The child frames in Opera 9 before 9.20 inherit the default charset from the parent window when a charset is not specified in an HTTP Content-Type header or META tag, which allows remote attackers to conduct cross-site scripting XSS attacks, as demonstrated using the UTF-7 character set...

CVE-2007-1115

The child frames in Opera 9 before 9.20 inherit the default charset from the parent window when a charset is not specified in an HTTP Content-Type header or META tag, which allows remote attackers to conduct cross-site scripting XSS attacks, as demonstrated using the UTF-7 character set...

CVE-2007-1115

The child frames in Opera 9 before 9.20 inherit the default charset from the parent window when a charset is not specified in an HTTP Content-Type header or META tag, which allows remote attackers to conduct cross-site scripting XSS attacks, as demonstrated using the UTF-7 character set...

CVE-2007-1115

The child frames in Opera 9 before 9.20 inherit the default charset from the parent window when a charset is not specified in an HTTP Content-Type header or META tag, which allows remote attackers to conduct cross-site scripting XSS attacks, as demonstrated using the UTF-7 character set...