13 matches found
CVE-2005-0233
The CVE-2005-0233 entry describes an IDN spoofing vulnerability in Mozilla/Firefox-related products: IDN support in Firefox 1.0, Camino 0.8.5, and Mozilla before 1.7.6 decodes punycode-encoded domain names in URLs and SSL certificates in a way that can render homograph characters from other scrip...
CVE-2002-0270
CVE-2002-0270 involves Opera. When the option “Determine action by MIME type” is disabled, Opera may treat an object as an HTML document even if its Content-Type is text/plain. This can allow remote attackers to execute arbitrary scripts in documents users do not expect, potentially affecting web...
CVE-2002-1091
CVE-2002-1091 affects Netscape 6.2.3 and earlier and Mozilla 1.0.1, where a crafted GIF image with zero width can cause heap corruption and arbitrary code execution on remote systems. The connected documents corroborate the vulnerability across multiple advisories (NVD entry; Mandrake MDKSA advis...
CVE-2002-2311
Microsoft Internet Explorer 6.0 (and possibly others) is affected by CVE-2002-2311. The issue arises when a webpage contains a onkeydown handler that checks event.ctrlKey or event.shiftKey; with those keys pressed, a remote attacker can upload arbitrary file contents. This is the underlying vulne...
CVE-2001-0898
Opera 6.0 and earlier are affected by a remote information disclosure vulnerability where JavaScript using setTimeout can access data across domains (1) after opening a new window to a different domain, and (2) via about:cache, exposing cookies and cross-domain links. Root cause: cross-origin dat...
CVE-2002-2332
CVE-2002-2332 concerns a buffer overflow in Opera 6.01 triggered by an IMG tag with oversized width/height attributes, enabling a remote attacker to cause a denial-of-service crash. The connected documents confirm the issue but do not provide exploitation details or a fix. No remediation is speci...
CVE-2002-2358
CVE-2002-2358 is an XSS vulnerability in Opera’s FTP view feature (versions 6.0 and 6.01–6.04) allowing injection of arbitrary script/HTML via the title tag of an FTP URL. Connected sources (e.g., Red Hat CVE page) corroborate the same description. The vulnerability arises from unsafe handling of...
CVE-2001-1491
Opera 5.11 is vulnerable to a denial of service via a web page containing a large number of images, causing CPU consumption and a memory leak. This results in partial loss of availability. The provided documents do not include specific exploit details, affected versions beyond Opera 5.11, or reme...
CVE-2001-1245
Opera 5.0 for Linux is affected by a denial-of-service vulnerability caused by improper handling of malformed HTTP headers. A remote attacker could trigger a crash, potentially by sending a header whose value matches a MIME header name. The root cause is not detailed beyond this description, and ...
CVE-1999-1283
Opera 3.2.1 is affected by a vulnerability where a URL containing an extra / in the http:// tag can trigger a denial of service (application crash). Root cause is in URL handling within Opera 3.2.1 (no further technical specifics provided in the documents). Impact stated: availability degradation...
CVE-2002-0783
CVE-2002-0783 affects Opera versions 5.12, 6.0, and 6.01. The vulnerability lets a remote attacker execute arbitrary JavaScript in the security context of other sites by setting the location of a frame or iframe to a Javascript: URL. The underlying flaw is exposure of frame/iframe navigation to a...
CVE-2002-0898
The CVE-2002-0898 entry affects Opera 6.0.1 and 6.0.2. The flaw arises in the handling of an HTML input element of type=file, where a newline in the value can enable a remote attacker to upload arbitrary files from the client system without user prompting. This represents a client-side security r...
CVE-2002-0243
CVE-2002-0243 describes a cross-site scripting vulnerability in Opera 6.0 and earlier. An Extended HTML Form output from the remote server is not properly cleansed, allowing remote attackers to execute arbitrary script. The NVD record lists a base score of 7.5 (HIGH) with NETWORK attack vector an...