CVE-2004-1201

Opera 7.54 allows remote attackers to cause a denial of service application crash from memory exhaustion, as demonstrated using Javascript code that continuously creates nested arrays and then sorts the newly created arrays...

Phishing attack possible with a delayed JavaScript prompt – Opera Security Advisories

Phishing attack possible with a delayed JavaScript prompt – Opera Security Advisories OPCOM Team | January 5, 2005 Severity: Moderate/low Problem description A malicious page can be crafted to send the userto his banking site, and shortly afterwardsdisplay a dialog enticing the user to type inhis...

CVE-2004-2570

Opera before 7.54 allows remote attackers to modify properties and methods of the location object and execute Javascript to read arbitrary files from the client's local filesystem or display a false URL to the user...

CVE-2004-1810

The Javascript engine in Opera 7.23 allows remote attackers to cause a denial of service crash by creating a new Array object with a large size value, then writing into that array...

CVE-2004-1490

Opera 7.54 and earlier allows remote attackers to spoof file types in the download dialog via dots and non-breaking spaces ASCII character code 160 in the 1 Content-Disposition or 2 Content-Type headers...

CVE-2004-2659

Opera offers an Open button to verify that a user wishes to execute a downloaded file, which allows user-assisted remote attackers to construct a race condition that tricks a user into clicking Open via a request for a different mouse or keyboard action very shortly before the Open dialog appears...

CVE-2004-2491

A race condition in Opera web browser 7.53 Build 3850 causes Opera to fill in the address bar before the page has been loaded, which allows remote attackers to spoof the URL in the address bar via the window.open and location.replace HTML parameters, which facilitates phishing attacks...

CVE-2004-2260

Opera Browser 7.23, and other versions before 7.50, updates the address bar as soon as the user clicks a link, which allows remote attackers to redirect to other sites via the onUnload attribute...

CVE-2004-1491

Opera 7.54 and earlier uses kfmclient exec to handle unknown MIME types, which allows remote attackers to execute arbitrary code via a shortcut or launcher that contains an Exec entry...

Opera < 7.54u1 Download Box Spoofing

Binary data 2467.prm...

CVE-2004-1201

Opera 7.54 allows remote attackers to cause a denial of service application crash from memory exhaustion, as demonstrated using Javascript code that continuously creates nested arrays and then sorts the newly created arrays...

CVE-2004-1201

CVE-2004-1201 affects Opera 7.54 and describes a denial-of-service condition caused by a memory-exhaustion scenario triggered by JavaScript that repeatedly creates nested arrays and sorts them. The issue leads to an application crash. This summary reflects information from the NVD/NVD-family reco...

[ZH2004-19SA] Possible execution of remote shell commands in Opera with kfmclien

Author: Giovanni Delvecchio e-mail: [email protected] Original Advisory: http://www.zone-h.org/advisories/read/id=6503 Tested version: Opera 7.54 linux version with Kde 3.2.3 Problem: ======= Opera for linux uses "kfmclient exec" as "Default Application" to handle saved files. This could be...

Opera Web Browser 7.54 - KDE KFMCLIENT Remote Command Execution

Opera Web Browser 7.54 - KDE KFMCLIENT Remote Command Execution source: https://www.securityfocus.com/bid/11901/info It is reported that Opera for Linux is susceptible to a remote command execution vulnerability. This issue is due to a default configuration setting in Opera that utilizes the KDE...

Opera Web Browser 7.54 - &#039;KDE KFMCLIENT&#039; Remote Command Execution

source: https://www.securityfocus.com/bid/11901/info It is reported that Opera for Linux is susceptible to a remote command execution vulnerability. This issue is due to a default configuration setting in Opera that utilizes the KDE 'kfmclient' utility to open unknown content. Exploitation of thi...

opera -- kfmclient exec command execution vulnerability

Giovanni Delvecchio reports: Opera for linux uses "kfmclient exec" as "Default Application" to handle saved files. This could be used by malicious remote users to execute arbitrary shell commands on a target system...

CVE-2004-1157

CVE-2004-1157 affects Opera 7.x up to 7.54 (and possibly other versions). The issue allows remote spoofing of arbitrary websites by injecting content from one window into a target window that has a known name but resides in a different domain (a window-injection vulnerability). The impact is cont...

CVE-2004-1157

Opera 7.x up to 7.54, and possibly other versions, allows remote attackers to spoof arbitrary web sites by injecting content from one window into a target window whose name is known but resides in a different domain, as demonstrated using a pop-up window on a trusted web site, aka the "window...

[Full-Disclosure] Disclosure of local file content in Mozilla Firefox and Opera

Disclosure of local file content in Mozilla Firefox and Opera Note: I don't know if it could be considered really a security problem, anyway i'll try to explain my ideas. Sorry for my bad english. Author: Giovanni Delvecchio Applications affected: - Firefox 1.0 - Mozilla 1.7 - Opera 7.54 maybe al...

Mozilla and Opera information leak

By using localfiles object it's possible to obtain local files list. Under some conditions it' possible ot retrieve file content...