CVE-2005-3059

CVE-2005-3059 affects Opera 8.50 on Linux and Windows. The vulnerabilities are described as multiple unspecified issues tied to (1) handling of the must-revalidate cache directive for HTTPS pages and (2) a cookie comment encoding display issue. The connected documents do not provide concrete expl...

CVE-2005-3041

Unspecified "drag-and-drop vulnerability" in Opera Web Browser before 8.50 on Windows allows "unintentional file uploads."...

CVE-2005-3041

CVE-2005-3041 concerns Opera for Windows versions before 8.50. The issue is a drag‑and‑drop vulnerability described as an unspecified flaw that enables unintentional file uploads. The NVD entry lists a base score of 5.0 (Medium) with network attack vector, low complexity, and partial integrity im...

CVE-2005-3041

Unspecified "drag-and-drop vulnerability" in Opera Web Browser before 8.50 on Windows allows "unintentional file uploads."...

CVE-2005-3007

Opera before 8.50 allows remote attackers to spoof the content type of files via a filename with a trailing "." dot, which might allow remote attackers to trick users into processing dangerous content...

CVE-2005-3006

The mail client in Opera before 8.50 opens attached files from the user's cache directory without warning the user, which might allow remote attackers to inject arbitrary web script and spoof attachment filenames...

CVE-2005-3007

Opera before 8.50 is affected by a vulnerability where appending a trailing dot to a filename spoofed the content type, potentially tricking users into processing dangerous content. The issue concerns the browser’s handling of file-type presentation rather to content-type verification, enabling m...

CVE-2005-3007

Opera before 8.50 allows remote attackers to spoof the content type of files via a filename with a trailing "." dot, which might allow remote attackers to trick users into processing dangerous content...

CVE-2005-3006

The mail client in Opera before 8.50 opens attached files from the user's cache directory without warning the user, which might allow remote attackers to inject arbitrary web script and spoof attachment filenames...

CVE-2005-3006

The CVE for Opera (CVE-2005-3006) is a confirmed vulnerability in the Opera mail client prior to version 8.50. The issue arises because the mail client opens attached files from the user’s cache directory without warning, potentially allowing remote attackers to inject arbitrary web script and sp...

Secunia Research: Opera Mail Client Attachment Spoofing and ScriptInsertion

====================================================================== Secunia Research 20/09/2005 - Opera Mail Client Attachment Spoofing and Script Insertion - ====================================================================== Table of Contents Affected...

Multiple Opera Mail agent vulnerabilities

Attached files are opened from local cache making it's possible to execute javascript in context of "file://". By adding ',' character to file extension it's possible to bypass content filtering...

Opera < 8.50 Multiple Vulnerabilities

The remote host is using Opera, an alternative web browser. The installed version of Opera on the remote host contains two flaws its mail client and one in the browser. First, message attachments are opened from the user's cache directory without any warnings, which can be exploited to execute...

Opera < 8.50 Mail Client Multiple Vulnerabilities

Binary data 3232.prm...

Opera < 8.50 Upload Flaw

Binary data 3233.prm...

CVE-2005-2406

Opera 8.01 allows remote attackers to conduct cross-site scripting XSS attacks or modify which files are uploaded by tricking a user into dragging an image that is a "javascript:" URI...

CVE-2005-2407

A design error in Opera 8.01 and earlier allows user-assisted attackers to execute arbitrary code by overlaying a malicious new window above a file download dialog box, then tricking the user into double-clicking on the "Run" button, aka "link hijacking"...

CVE-2005-2405

Opera 8.01, when the "Arial Unicode MS" font ARIALUNI.TTF is installed, does not properly handle extended ASCII characters in the file download dialog box, which allows remote attackers to spoof file extensions and possibly trick users into executing arbitrary code...

FreeBSD : opera -- download dialog spoofing vulnerability (a2aa24fd-00d4-11da-bc08-0001020eed82)

A Secunia Advisory reports : Secunia Research has discovered a vulnerability in Opera, which can be exploited by malicious people to trick users into executing malicious files. The vulnerability is caused due to an error in the handling of extended ASCII codes in the download dialog. This can be...

FreeBSD : opera -- image dragging vulnerability (934b1de4-00d7-11da-bc08-0001020eed82)

A Secunia Advisory reports : Secunia Research has discovered a vulnerability in Opera, which can be exploited by malicious people to conduct cross-site scripting attacks and retrieve a user's files. The vulnerability is caused due to Opera allowing a user to drag e.g. an image, which is actually ...