Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Opera Browser Security Vulnerabilities - 2006

cve
cve

CVE-2004-2659

Opera offers an Open button to verify that a user wishes to execute a downloaded file, which allows user-assisted remote attackers to construct a race condition that tricks a user into clicking Open via a request for a different mouse or keyboard action very shortly before the Open dialog appears. ...

7AI Score

0.007EPSS

2006-04-29 10:00 AM
33
cve
cve

CVE-2005-4718

Opera 8.02 and earlier allows remote attackers to cause a denial of service (client crash) via (1) a crafted HTML file with a "content: url(0);" style attribute, a "bodyA" tag, a long string, and a "u" tag with a long attribute, as demonstrated by opera.html; and (2) a BGSOUND element with a "margi...

6.8AI Score

0.007EPSS

2006-02-15 11:00 AM
27
cve
cve

CVE-2006-1834

Integer signedness error in Opera before 8.54 allows remote attackers to execute arbitrary code via long values in a stylesheet attribute, which pass a length check. NOTE: a sign extension problem makes the attack easier with shorter strings.

7.5AI Score

0.095EPSS

2006-04-19 04:06 PM
47
cve
cve

CVE-2006-3198

Integer overflow in Opera 8.54 and earlier allows remote attackers to execute arbitrary code via a JPEG image with large height and width values, which causes less memory to be allocated than intended.

7.7AI Score

0.086EPSS

2006-06-23 08:06 PM
38
cve
cve

CVE-2006-3199

Opera 9 allows remote attackers to cause a denial of service (crash) via an A tag with an href attribute with a URL containing a long hostname, which triggers an out-of-bounds operation.

7AI Score

0.03EPSS

2006-06-23 08:06 PM
41
cve
cve

CVE-2006-3331

Opera before 9.0 does not reset the SSL security bar after displaying a download dialog from an SSL-enabled website, which allows remote attackers to spoof a trusted SSL certificate from an untrusted website and facilitates phishing attacks.

6.7AI Score

0.017EPSS

2006-06-30 11:05 PM
31
cve
cve

CVE-2006-3353

Opera 9 allows remote attackers to cause a denial of service (crash) via a crafted web page that triggers an out-of-bounds memory access, related to an iframe and JavaScript that accesses certain style sheets properties.

6.9AI Score

0.017EPSS

2006-07-06 01:05 AM
33
cve
cve

CVE-2006-3945

The CSS functionality in Opera 9 on Windows XP SP2 allows remote attackers to cause a denial of service (crash) by setting the background property of a DHTML element to a long http or https URL, which triggers memory corruption.

7AI Score

0.007EPSS

2006-07-31 11:04 PM
30
cve
cve

CVE-2006-4819

Heap-based buffer overflow in Opera 9.0 and 9.01 allows remote attackers to execute arbitrary code via a long URL in a tag (long link address).

7.8AI Score

0.299EPSS

2006-10-17 09:07 PM
35