4486 matches found
CVE-2005-2273
Opera 7.x and 8 before 8.01 does not clearly associate a Javascript dialog box with the web page that generated it, which allows remote attackers to spoof a dialog box from a trusted site and facilitates phishing attacks, aka the "Dialog Origin Spoofing Vulnerability."...
CVE-2005-2273
Vulnerability summary: Opera 7.x and 8 before 8.01 contain a dialog origin spoofing issue where a Javascript dialog box is not clearly associated with the generating page, allowing remote attackers to spoof a dialog from a trusted site and facilitate phishing. Notes: The connected documents descr...
CVE-2005-2273
Opera 7.x and 8 before 8.01 does not clearly associate a Javascript dialog box with the web page that generated it, which allows remote attackers to spoof a dialog box from a trusted site and facilitates phishing attacks, aka the "Dialog Origin Spoofing Vulnerability."...
FreeBSD : opera -- 'javascript:' URL XSS vulnerability (40856a51-e1d9-11d9-b875-0001020eed82)
A Secunia Advisory reports : Secunia Research has discovered a vulnerability in Opera, which can be exploited by malicious people to conduct cross-site scripting attacks and to read local files. The vulnerability is caused due to Opera not properly restricting the privileges of 'javascript:' URLs...
FreeBSD : opera -- redirection XSS vulnerability (985bfcf0-e1d7-11d9-b875-0001020eed82)
A Secunia Advisory reports : Secunia Research has discovered a vulnerability in Opera, which can be exploited by malicious people to conduct cross-site scripting attacks against users. The vulnerability is caused due to input not being sanitised, when Opera generates a temporary page for displayi...
FreeBSD : opera -- XMLHttpRequest security bypass (79217c9b-e1d9-11d9-b875-0001020eed82)
A Secunia Advisory reports : Secunia Research has discovered a vulnerability in Opera, which can be exploited by malicious people to steal content or to perform actions on other websites with the privileges of the user. Normally, it should not be possible for the XMLHttpRequest object to access...
FreeBSD : opera (1341)
The following package needs to be updated: opera %NASLMINLEVEL 70300 C Tenable Network Security, Inc. This script contains information extracted from VuXML : Copyright 2003-2006 Jacques Vidrine and contributors Redistribution and use in source VuXML and 'compiled' forms SGML, HTML, PDF, PostScrip...
FreeBSD : opera -- multiple vulnerabilities in Java implementation (1489df94-6bcb-11d9-a21e-000a95bc6fae)
Marc Schoenefeld reports : Opera 7.54 is vulnerable to leakage of the java sandbox, allowing malicious applets to gain unacceptable privileges. This allows them to be used for information gathering spying of local identity information and system configurations as well as causing annoying crash...
FreeBSD : opera -- kfmclient exec command execution vulnerability (d8e55d65-81d6-11d9-a9e7-0001020eed82)
Giovanni Delvecchio reports : Opera for linux uses 'kfmclient exec' as 'Default Application' to handle saved files. This could be used by malicious remote users to execute arbitrary shell commands on a target system. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and...
FreeBSD : opera -- 'data:' URI handler spoofing vulnerability (20c9bb14-81e6-11d9-a9e7-0001020eed82)
A Secunia Advisory reports : Michael Holzt has discovered a vulnerability in Opera, which can be exploited by malicious people to trick users into executing malicious files. The vulnerability is caused due to an error in the processing of 'data:' URIs, causing wrong information to be shown in a...
XMLHttpRequest Object security bypass in Opera Web Browser
Overview The Opera Web Browser fails to properly enforce security restrictions on the XMLHttpRequest Object. This may allow a remote, unauthenticated attacker to insert content from potentially malicious web sites. Description The XMLHttpRequest Object is a scripting object that provides routines...
CVE-2001-1491
Opera 5.11 allows remote attackers to cause a denial of service CPU consumption and memory leak via a web page with a large number of images...
CVE-2001-1491
Opera 5.11 is vulnerable to a denial of service via a web page containing a large number of images, causing CPU consumption and a memory leak. This results in partial loss of availability. The provided documents do not include specific exploit details, affected versions beyond Opera 5.11, or reme...
[SA15488] Opera Dialog Origin Spoofing Vulnerability
---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secuniavacancies/...
CVE-2005-1669
Cross-site scripting XSS vulnerability in Opera 8.0 Final Build 1095 allows remote attackers to inject arbitrary web script or HTML via "javascript:" URLs when a new window or frame is opened, which allows remote attackers to bypass access restrictions and perform unauthorized actions on other...
CVE-2005-1475
The CVE-2005-1475 issue affects Opera 8.0 Final Build 1095 where the XMLHttpRequest object could bypass same-origin restrictions due to insufficient validation of server-side redirects, allowing a remote attacker to access resources on other domains and perform actions with the user’s privileges....
CVE-2005-1669
Cross-site scripting XSS vulnerability in Opera 8.0 Final Build 1095 allows remote attackers to inject arbitrary web script or HTML via "javascript:" URLs when a new window or frame is opened, which allows remote attackers to bypass access restrictions and perform unauthorized actions on other...
CVE-2005-1475
The XMLHttpRequest object in Opera 8.0 Final Build 1095 allows remote attackers to bypass access restrictions and perform unauthorized actions on other domains via a redirect...
CVE-2005-1669
CVE-2005-1669 affects Opera 8.0 Final Build 1095. It is a cross-site scripting vulnerability where malicious javascript: URLs opened in a new window or frame allow remote script execution and potential unauthorized actions on other domains. Public references indicate Opera was updated to 8.01 to ...
CVE-2005-1475
The XMLHttpRequest object in Opera 8.0 Final Build 1095 allows remote attackers to bypass access restrictions and perform unauthorized actions on other domains via a redirect...