SUSE-SA:2005:034: opera

The remote host is missing the patch for the advisory SUSE-SA:2005:034 opera. The web browser Opera has been updated to version 8.01 to fix various security-related bugs. Fixed XMLHttpRequest redirect vulnerability reported in Secunia Advisory 15008. Fixed cross-site scripting vulnerability...

CVE-2005-1475

The CVE-2005-1475 issue affects Opera 8.0 Final Build 1095 where the XMLHttpRequest object could bypass same-origin restrictions due to insufficient validation of server-side redirects, allowing a remote attacker to access resources on other domains and perform actions with the user’s privileges....

CVE-2005-1475

The XMLHttpRequest object in Opera 8.0 Final Build 1095 allows remote attackers to bypass access restrictions and perform unauthorized actions on other domains via a redirect...

CVE-2005-1475

The XMLHttpRequest object in Opera 8.0 Final Build 1095 allows remote attackers to bypass access restrictions and perform unauthorized actions on other domains via a redirect...

[SA15008] Opera XMLHttpRequest Security Bypass

---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secuniavacancies/...

opera -- XMLHttpRequest security bypass

A Secunia Advisory reports: Secunia Research has discovered a vulnerability in Opera, which can be exploited by malicious people to steal content or to perform actions on other web sites with the privileges of the user. Normally, it should not be possible for the XMLHttpRequest object to access...

Opera < 8.01 Multiple Vulnerabilities

The version of Opera installed on the remote host is earlier than 8.01 and thus reportedly affected by multiple issues : - It may be possible for a malicious website to spoof dialog boxes. - It may be possible for a XMLHttpRequest object to gain unauthorized access to sensitive data. - The...

CVE-2005-0976

AppleWebKit WebCore and WebKit, as used in multiple products such as Safari 1.2 and OmniGroup OmniWeb 5.1, allows remote attackers to read arbitrary files via the XMLHttpRequest Javascript component, as demonstrated using automatically mounted disk images and file:// URLs...

CVE-2005-0976

AppleWebKit-based browsers (WebCore/WebKit) are affected by CVE-2005-0976, which allows remote attackers to read local files via the XMLHttpRequest component. The vulnerability affects Safari 1.2+ and OmniWeb 5.1+ (and other WebKit-based apps using file: URLs), triggered by attacker‑supplied cont...

CVE-2005-0976

AppleWebKit WebCore and WebKit, as used in multiple products such as Safari 1.2 and OmniGroup OmniWeb 5.1, allows remote attackers to read arbitrary files via the XMLHttpRequest Javascript component, as demonstrated using automatically mounted disk images and file:// URLs...

Netscape < 6.2.3 XMLHttpRequest File / Directory Disclosure

Binary data 1755.prm...

CVE-2002-0354

The CVE-2002-0354 issue concerns the XMLHttpRequest (XMLHTTP) object in Netscape 6.1 and Mozilla 0.9.7. It permits remote attackers to read arbitrary files and list directories on a client by directing the browser to a file via a URL redirect and then reading the result through responseText. This...