Lucene search
K
Opera SoftwareOpera Web Browser

13 matches found

CVE
CVE
added 2005/02/07 5:0 a.m.97 views

CVE-2005-0233

The CVE-2005-0233 entry describes an IDN spoofing vulnerability in Mozilla/Firefox-related products: IDN support in Firefox 1.0, Camino 0.8.5, and Mozilla before 1.7.6 decodes punycode-encoded domain names in URLs and SSL certificates in a way that can render homograph characters from other scrip...

7.5CVSS6.2AI score0.20398EPSS
CVE
CVE
added 2002/05/03 4:0 a.m.63 views

CVE-2002-0270

CVE-2002-0270 involves Opera. When the option “Determine action by MIME type” is disabled, Opera may treat an object as an HTML document even if its Content-Type is text/plain. This can allow remote attackers to execute arbitrary scripts in documents users do not expect, potentially affecting web...

4.3CVSS6.8AI score0.04733EPSS
CVE
CVE
added 2004/09/01 4:0 a.m.58 views

CVE-2002-1091

CVE-2002-1091 affects Netscape 6.2.3 and earlier and Mozilla 1.0.1, where a crafted GIF image with zero width can cause heap corruption and arbitrary code execution on remote systems. The connected documents corroborate the vulnerability across multiple advisories (NVD entry; Mandrake MDKSA advis...

7.5CVSS7.6AI score0.04284EPSS
CVE
CVE
added 2007/10/26 7:0 p.m.52 views

CVE-2002-2311

Microsoft Internet Explorer 6.0 (and possibly others) is affected by CVE-2002-2311. The issue arises when a webpage contains a onkeydown handler that checks event.ctrlKey or event.shiftKey; with those keys pressed, a remote attacker can upload arbitrary file contents. This is the underlying vulne...

6.4CVSS7.2AI score0.09506EPSS
CVE
CVE
added 2002/02/02 5:0 a.m.50 views

CVE-2001-0898

Opera 6.0 and earlier are affected by a remote information disclosure vulnerability where JavaScript using setTimeout can access data across domains (1) after opening a new window to a different domain, and (2) via about:cache, exposing cookies and cross-domain links. Root cause: cross-origin dat...

5CVSS6.8AI score0.03092EPSS
CVE
CVE
added 2007/10/26 7:0 p.m.47 views

CVE-2002-2332

CVE-2002-2332 concerns a buffer overflow in Opera 6.01 triggered by an IMG tag with oversized width/height attributes, enabling a remote attacker to cause a denial-of-service crash. The connected documents confirm the issue but do not provide exploitation details or a fix. No remediation is speci...

5CVSS7.3AI score0.01787EPSS
CVE
CVE
added 2007/10/29 7:0 p.m.46 views

CVE-2002-2358

CVE-2002-2358 is an XSS vulnerability in Opera’s FTP view feature (versions 6.0 and 6.01–6.04) allowing injection of arbitrary script/HTML via the title tag of an FTP URL. Connected sources (e.g., Red Hat CVE page) corroborate the same description. The vulnerability arises from unsafe handling of...

4.3CVSS6AI score0.01709EPSS
CVE
CVE
added 2005/06/21 4:0 a.m.45 views

CVE-2001-1491

Opera 5.11 is vulnerable to a denial of service via a web page containing a large number of images, causing CPU consumption and a memory leak. This results in partial loss of availability. The provided documents do not include specific exploit details, affected versions beyond Opera 5.11, or reme...

5CVSS7AI score0.0697EPSS
CVE
CVE
added 2002/05/03 4:0 a.m.41 views

CVE-2001-1245

Opera 5.0 for Linux is affected by a denial-of-service vulnerability caused by improper handling of malformed HTTP headers. A remote attacker could trigger a crash, potentially by sending a header whose value matches a MIME header name. The root cause is not detailed beyond this description, and ...

5CVSS7.2AI score0.02442EPSS
CVE
CVE
added 2001/09/12 4:0 a.m.40 views

CVE-1999-1283

Opera 3.2.1 is affected by a vulnerability where a URL containing an extra / in the http:// tag can trigger a denial of service (application crash). Root cause is in URL handling within Opera 3.2.1 (no further technical specifics provided in the documents). Impact stated: availability degradation...

5CVSS7.4AI score0.01268EPSS
CVE
CVE
added 2002/07/26 4:0 a.m.40 views

CVE-2002-0783

CVE-2002-0783 affects Opera versions 5.12, 6.0, and 6.01. The vulnerability lets a remote attacker execute arbitrary JavaScript in the security context of other sites by setting the location of a frame or iframe to a Javascript: URL. The underlying flaw is exposure of frame/iframe navigation to a...

7.5CVSS7.7AI score0.02813EPSS
CVE
CVE
added 2003/04/02 5:0 a.m.40 views

CVE-2002-0898

The CVE-2002-0898 entry affects Opera 6.0.1 and 6.0.2. The flaw arises in the handling of an HTML input element of type=file, where a newline in the value can enable a remote attacker to upload arbitrary files from the client system without user prompting. This represents a client-side security r...

5CVSS7.1AI score0.05957EPSS
CVE
CVE
added 2002/05/03 4:0 a.m.33 views

CVE-2002-0243

CVE-2002-0243 describes a cross-site scripting vulnerability in Opera 6.0 and earlier. An Extended HTML Form output from the remote server is not properly cleansed, allowing remote attackers to execute arbitrary script. The NVD record lists a base score of 7.5 (HIGH) with NETWORK attack vector an...

7.5CVSS7.1AI score0.01366EPSS