Opera < 7.22 Multiple Vulnerabilities

The remote host is using Opera, an alternative web browser. The version of Opera installed on the remote host is affected by several issues. One may allow an attacker to drop arbitrary files with arbitrary names on this host; another may allow an attacker to traverse directories on the affected...

Opera Web Browser 7.x - URI Handler Directory Traversal

Opera Web Browser 7.x - URI Handler Directory Traversal source: https://www.securityfocus.com/bid/9021/info It has been reported that Opera is vulnerable to a directory traversal issue that may allow an attacker to access sensitive information. The problem presents itself due to insufficient...

Internet Explorer and Opera local zone restriction bypass

Internet Explorer and Opera local zone restriction bypass. =--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--=--= ---------------------- Vendor Information: ---------------------- Homepage : http://www.microsoft.com Vendor : informed Mailed advisory: 23/10/03 Vender Response : None yet...

Opera Web Browser 7 - IFRAME Zone Restriction Bypass

Opera Web Browser 7 - IFRAME Zone Restriction Bypass source: https://www.securityfocus.com/bid/8887/info A flaw in the Opera web browsers security model has been discovered that could allow an attacker to access a users filesystem within the Local Zone. The problem occurs when handling malformed...

Opera Web Browser 7 - IFRAME Zone Restriction Bypass

source: https://www.securityfocus.com/bid/8887/info A flaw in the Opera web browsers security model has been discovered that could allow an attacker to access a users filesystem within the Local Zone. The problem occurs when handling malformed HTML iframes which point to local system locations...

Opera HREF escaped server name overflow

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 @stake, Inc. www.atstake.com Security Advisory Advisory Name: Opera HREF escaped server name overflow Release Date: 10/20/2003 Application: Opera 7.11, 7.20 Platform: Windows XP/2000 and GNU/Linux 2.4 tested, others may be vulnerable Severity: Remote...

CVE-2003-0870

CVE-2003-0870 affects Opera 7.11 and 7.20 where rendering certain HREFs causes a heap-based buffer overflow, allowing remote code execution via an escaped server name. Exploitation would require a user opening a crafted page or email containing the malformed HREF, potentially compromising the hos...

CVE-2003-0870

Heap-based buffer overflow in Opera 7.11 and 7.20 allows remote attackers to execute arbitrary code via an HREF with a large number of escaped characters in the server name...

Opera < 7.21 HREF Escaped Character Overflow

The installed version of Opera on the remote host is vulnerable to a buffer overflow in the code that parses HREF tags in the server. To exploit them, an attacker would need to set up a rogue website, then lure a user of this host to visit the site using Opera. The attacker would then be able to...

Opera 7.11/7.20 HREF - Malformed Server Name Heap Corruption

source: https://www.securityfocus.com/bid/8853/info A vulnerability has been discovered in the Opera web browser that could lead to remote code execution. The problem is said to trigger when handling malformed HTML HREF values and may result in a buffer overrun occuring within heap memory. As a...

Opera 7.117.20 HREF - Malformed Server Name Heap Corruption

Opera 7.117.20 HREF - Malformed Server Name Heap Corruption source: https://www.securityfocus.com/bid/8853/info A vulnerability has been discovered in the Opera web browser that could lead to remote code execution. The problem is said to trigger when handling malformed HTML HREF values and may...

Opera 7.20 - Mail Client Policy Circumvention

source: https://www.securityfocus.com/bid/8254/info The Opera M2 Mail Client is vulnerable to a policy circumvention issue that could allow information to be disclosed to a remote attacker. It is possible for an attacker to bypass the option to suppress the viewing of external embeds. This could...

Opera 7.20 - Mail Client Policy Circumvention

Opera 7.20 - Mail Client Policy Circumvention source: https://www.securityfocus.com/bid/8254/info The Opera M2 Mail Client is vulnerable to a policy circumvention issue that could allow information to be disclosed to a remote attacker. It is possible for an attacker to bypass the option to suppre...

[Opera 7] Five DoS codes on general web sites

--------------------------------------------------------------------------------- TITLE :Opera 7 Five DoS codes on general web sites -= Fastest browser on earth, Fastest crash on earth too =- PRODUCT : Opera for Windows VERSIONS : 7.11b build 2887 7.11 build 2880 7.10 build 2840 7.03 build 2670...

Buffer overflow

Product: Opera Version: 7.10 and other ? OffSite: http://www.opera.com/ Problem: Buffer overflow ------------------------------------------ Opera - popular web-browser. Local and remote buffer overflow will take place if client open in browser this page: DIV...

Secunia Research: Opera browser filename extension buffer overflows

Hi all, The second issue in this advisory is the same as reported by Nesumin. However, Secunia has been waiting for Opera Software to fix these vulnerabilities and therefore, we have not released our research until now. Unfortunately, while we were waiting for the vendor fix, the second...

Opera < 7.11 Filename Extension Handling Overflow

The version of Opera installed on the remote host has a buffer overflow condition in the code which handles the file extensions of the remote web pages. To exploit them, an attacker would need to set up a rogue website, then lure a user of this host visit it using Opera. He would then be able to...

[Opera 7/6] Long File Extension Heap Buffer Overrun Vulnerability in Download.

Greetings. We, :: Operash :: here release the information about vulnerability of Opera. --------------------------------------------------------------------------------- SUMMARY : Opera 7/6 Long File Extension Heap Buffer Overrun Vulnerability in Download. PRODUCT : Opera for Windows VERSIONS :...

[Opera 7] Yet Another Story of &quot;Phantom of the Opera&quot;

Greetings. We, :: Operash :: here release the information about vulnerability of Opera. --------------------------------------------------------------------------------- SYNOPSIS : Opera 7 Script Injection Vulnerability in JavaScript Console - Yet another story of "Phantom of the Opera". PRODUCT ...

Opera 7.0/7.10 - JavaScript Console Single Quote Attribute Injection

source: https://www.securityfocus.com/bid/7449/info A vulnerability has been reported for Opera 7 browsers for Microsoft Windows operating systems. The vulnerability exists in the Opera JavaScript console. Attackers may exploit the vulnerability to execute script code in a sensitive context...