Buffer overflow in Opera/Konqueror

Buffer overflow on large image scaleling...

Bug in Opera and Konqueror

/----------------+--------------------------------------+------------- | sp00fed packet | | advisory 2 | +----------------+--------------------------------------+-------------+ | Product: multiply vendors browsers | | Vulnerability: buffer overflow | | Danger: low |...

Opera FTP View Cross-Site Scripting Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Title: Opera FTP View Cross-Site Scripting Vulnerability Date: 4 August 2002 Author: Eiji James Yoshida [email protected] Risk: Medium Vulnerable: Windows2000 SP2 Opera 6.03 Windows2000 SP2 Opera 6.04 Overview: Opera allows running Malicious...

Internet Explorer/Mozilla/Opera local zone script execution via FTP folders

It's possible to script on local securty zone if FTP folder presentation is enabled...

CVE-2002-0783

Opera 6.01, 6.0, and 5.12 allows remote attackers to execute arbitrary JavaScript in the security context of other sites by setting the location of a frame or iframe to a Javascript: URL...

operaftp.txt

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Title: Opera FTP View Cross-Site Scripting Vulnerability Date: 4 August 2002 Author: Eiji James Yoshida [email protected] Risk: Medium Vulnerable: Windows2000 SP2 Opera 6.03 Windows2000 SP2 Opera 6.04 Overview: Opera allows running Malicious...

Opera 6.0.x - FTP View Cross-Site Scripting

Opera 6.0.x - FTP View Cross-Site Scripting source: https://www.securityfocus.com/bid/5401/info A cross-site scripting vulnerability in Opera has been reported. When viewing the contents of an FTP site as web content, the data within tags is not sanitized. An attacker may embed javascript between...

Opera 6.0.x - FTP View Cross-Site Scripting

source: https://www.securityfocus.com/bid/5401/info A cross-site scripting vulnerability in Opera has been reported. When viewing the contents of an FTP site as web content, the data within tags is not sanitized. An attacker may embed javascript between open and closing tags in a FTP URL. This...

CVE-2002-0783

Opera 6.01, 6.0, and 5.12 allows remote attackers to execute arbitrary JavaScript in the security context of other sites by setting the location of a frame or iframe to a Javascript: URL...

CVE-2002-0783

CVE-2002-0783 affects Opera versions 5.12, 6.0, and 6.01. The vulnerability lets a remote attacker execute arbitrary JavaScript in the security context of other sites by setting the location of a frame or iframe to a Javascript: URL. The underlying flaw is exposure of frame/iframe navigation to a...

EUVD-2002-0775

Opera 6.01, 6.0, and 5.12 allows remote attackers to execute arbitrary JavaScript in the security context of other sites by setting the location of a frame or iframe to a Javascript: URL...

Opera 6.0.1 Microsoft Internet Explorer 56 - JavaScript Modifier Keypress Event Subversion

Opera 6.0.1 Microsoft Internet Explorer 56 - JavaScript Modifier Keypress Event Subversion source: https://www.securityfocus.com/bid/5290/info An issue has been reported with the JavaScript implementation of multiple web browsers, including Microsoft Internet Explorer and Opera. Malicious...

CVE-2002-0243

Cross-site scripting vulnerability in Opera 6.0 and earlier allows remote attackers to execute arbitrary script via an Extended HTML Form, whose output from the remote server is not properly cleansed...

CVE-2002-0270

Opera, when configured with the "Determine action by MIME type" option disabled, interprets an object as an HTML document even when its MIME Content-Type is text/plain, which could allow remote attackers to execute arbitrary script in documents that the user does not expect, possibly through web...

Reading ANY local file in Opera (GM#001-OP)

GreyMagic Security Advisory GM001-OP ===================================== By GreyMagic Software, Israel. 27 May 2002. Available in HTML format at http://security.greymagic.com/adv/gm001-op/. Topic: Reading ANY local file in Opera. Discovery date: 07 May 2002. Affected applications:...

Opera 6.0.1/6.0.2 - Arbitrary File Disclosure

source: https://www.securityfocus.com/bid/4834/info A vulnerability has been reported in Opera 6.01/6.02. The vulnerability is related to handling of the 'file' HTML input-type. It is possible for a server to set the file value, while fooling Opera into thinking no file has been specified. This i...

Unauthorized local file access in Opera

Javascript submition of form with input type="file" element doesn't require user intervation...

Opera 6.0.16.0.2 - Arbitrary File Disclosure

Opera 6.0.16.0.2 - Arbitrary File Disclosure source: https://www.securityfocus.com/bid/4834/info A vulnerability has been reported in Opera 6.01/6.02. The vulnerability is related to handling of the 'file' HTML input-type. It is possible for a server to set the file value, while fooling Opera int...

Crossite scripting in Opera

javascript: URL is executed in context of previously loaded page...

Opera javascript protocoll vulnerability [Sandblad advisory #6]

Sandblad advisory 6 - ---..---..---..---..---..---..---..---..---..---..---..---..---- Title: Opera javascript protocoll vulnerability Date: 2002-05-15 Software: At least Opera 6.01, 6.0, 5.12 win Rating: High because Opera is assumed to be secure Impact: Read cookies/local filestructure/cache...