4487 matches found
Opera 6.0/7.0 - 'Username' URI Warning Dialog Buffer Overflow
source: https://www.securityfocus.com/bid/6811/info The Opera browser for Win32 and possibly other systems is prone to a remotely exploitable buffer overflow condition. For security purposes, Opera will display a warning any time a user of the client visits a link containing a username as part of...
Opera 7.0 - History Object Information Disclosure
Opera 7.0 - History Object Information Disclosure source: https://www.securityfocus.com/bid/6757/info An information disclosure weakness has been reported for Opera 7 browsers on the Microsoft Windows platform. The weakness is due to the way the history object exposes some properties. Specificall...
Opera 7.0 - JavaScript Console Attribute Injection
source: https://www.securityfocus.com/bid/6755/info A vulnerability has been reported for Opera 7 browsers for Microsoft Windows operating systems. The vulnerability exists in the Opera JavaScript console. Attackers may exploit the vulnerability to execute script code in a sensitive context...
Opera 7.0 - History Object Information Disclosure
source: https://www.securityfocus.com/bid/6757/info An information disclosure weakness has been reported for Opera 7 browsers on the Microsoft Windows platform. The weakness is due to the way the history object exposes some properties. Specifically, the properties history.next and history.previou...
Opera 7.0 - Error Message History Disclosure
source: https://www.securityfocus.com/bid/6759/info It has been reported that Opera fails to ensure that a remote site has proper authorization before executing some methods used to access error messages stored in the Opera console. This issue is further exacerbated by the fact that error message...
Opera Cross Domain Scripting Vulnerability
Description A vulnerability has been reported reported for Opera 7 browsers for Microsoft Windows operating systems. Due to flaws in Opera, it is possible for functions in different domains to be accessed and executed by an attacker with the credentials of the victim user. This vulnerability is...
Opera's Security Model is Highly Vulnerable (GM#002-OP)
GreyMagic Security Advisory GM002-OP ===================================== By GreyMagic Software, Israel. 04 Feb 2003. Available in HTML format at http://security.greymagic.com/adv/gm002-op/. Topic: Opera's Security Model is Highly Vulnerable. Discovery date: 14 Nov 2002. Affected applications:...
Phantom of the Opera (GM#003-OP)
GreyMagic Security Advisory GM003-OP ===================================== By GreyMagic Software, Israel. 04 Feb 2003. Available in HTML format at http://security.greymagic.com/adv/gm003-op/. Topic: Phantom of the Opera. Discovery date: 29 Jan 2003. Affected applications: ======================...
Opera 7.0 - Error Message History Disclosure
Opera 7.0 - Error Message History Disclosure source: https://www.securityfocus.com/bid/6759/info It has been reported that Opera fails to ensure that a remote site has proper authorization before executing some methods used to access error messages stored in the Opera console. This issue is furth...
Opera: What's Next (GM#005-OP)
GreyMagic Security Advisory GM005-OP ===================================== By GreyMagic Software, Israel. 04 Feb 2003. Available in HTML format at http://security.greymagic.com/adv/gm005-op/. Topic: Opera: What's Next. Discovery date: 28 Jan 2003. Affected applications: ====================== Ope...
Sniffing Opera's Tracks (GM#006-OP)
GreyMagic Security Advisory GM006-OP ===================================== By GreyMagic Software, Israel. 04 Feb 2003. Available in HTML format at http://security.greymagic.com/adv/gm006-op/. Topic: Sniffing Opera's Tracks. Discovery date: 29 Jan 2003. Affected applications: =====================...
Opera 7.0 - JavaScript Console Attribute Injection
Opera 7.0 - JavaScript Console Attribute Injection source: https://www.securityfocus.com/bid/6755/info A vulnerability has been reported for Opera 7 browsers for Microsoft Windows operating systems. The vulnerability exists in the Opera JavaScript console. Attackers may exploit the vulnerability ...
Opera 7 - Image Rendering HTML Injection
source: https://www.securityfocus.com/bid/6756/info It has been reported that, when generating HTML to display images or embedded media, Opera does not correctly format the provided URL or sufficiently encode URLs to local files. As a result of this lack of sanitization Opera is vulnerable to HTM...
Opera Images (GM#004-OP)
GreyMagic Security Advisory GM004-OP ===================================== By GreyMagic Software, Israel. 04 Feb 2003. Available in HTML format at http://security.greymagic.com/adv/gm004-op/. Topic: Opera Images. Discovery date: 29 Jan 2003. Affected applications: ====================== Opera 7...
Opera 6.0/7.0 - opera.PluginContext Native Method Denial of Service
source: https://www.securityfocus.com/bid/6814/info Opera ships with a trusted Java class 'opera.PluginContext' that includes a native method that is reportedly prone to denial of service attacks. It is possible for a malicious Java applet to trigger this condition to cause a denial of service...
Opera 6.07.0 - opera.PluginContext Native Method Denial of Service
Opera 6.07.0 - opera.PluginContext Native Method Denial of Service source: https://www.securityfocus.com/bid/6814/info Opera ships with a trusted Java class 'opera.PluginContext' that includes a native method that is reportedly prone to denial of service attacks. It is possible for a malicious Ja...
CVE-2002-2312
Opera 6.0.1 allows remote attackers to upload arbitrary file contents when users press a key corresponding to the JavaScript 1 event.ctrlKey or 2 event.shiftKey onkeydown event contained in a webpage...
CVE-2002-2332
Buffer overflow in Opera 6.01 allows remote attackers to cause a denial of service crash via an IMG tag with large width and height attributes...
CVE-2002-2358
Cross-site scripting XSS vulnerability in the FTP view feature in Opera 6.0 and 6.01 through 6.04 allows remote attackers to inject arbitrary web script or HTML via the title tag of an FTP URL...
CVE-2002-2414
Opera 6.0.3, when using Squid 2.4 for HTTPS proxying, does not properly handle when accepting a non-global certificate authority CA certificate from a site and establishing a subsequent HTTPS connection, which allows remote attackers to cause a denial of service crash...