Opera Browser Security Vulnerabilities and Issues — Opera Browser CVE List

Lucene search

OperaOpera Browser

9 matches found

CVE•added 2006/04/19 4:6 p.m.•65 views

CVE-2006-1834

Integer signedness error in Opera before 8.54 allows remote attackers to execute arbitrary code via long values in a stylesheet attribute, which pass a length check. NOTE: a sign extension problem makes the attack easier with shorter strings.

5.1CVSS7.5AI score0.15762EPSS

CVE•added 2006/06/23 8:6 p.m.•58 views

CVE-2006-3198

Integer overflow in Opera 8.54 and earlier allows remote attackers to execute arbitrary code via a JPEG image with large height and width values, which causes less memory to be allocated than intended.

7.5CVSS7.7AI score0.09592EPSS

CVE•added 2006/06/23 8:6 p.m.•56 views

CVE-2006-3199

Opera 9 allows remote attackers to cause a denial of service (crash) via an A tag with an href attribute with a URL containing a long hostname, which triggers an out-of-bounds operation.

5CVSS7AI score0.15447EPSS

CVE•added 2006/10/17 9:7 p.m.•55 views

CVE-2006-4819

Heap-based buffer overflow in Opera 9.0 and 9.01 allows remote attackers to execute arbitrary code via a long URL in a tag (long link address).

5.1CVSS7.8AI score0.13918EPSS

CVE•added 2006/04/29 10:0 a.m.•51 views

CVE-2004-2659

Opera offers an Open button to verify that a user wishes to execute a downloaded file, which allows user-assisted remote attackers to construct a race condition that tricks a user into clicking Open via a request for a different mouse or keyboard action very shortly before the Open dialog appears. ...

4CVSS7AI score0.01113EPSS

CVE•added 2006/02/15 11:0 a.m.•46 views

CVE-2005-4718

Opera 8.02 and earlier allows remote attackers to cause a denial of service (client crash) via (1) a crafted HTML file with a "content: url(0);" style attribute, a "bodyA" tag, a long string, and a "u" tag with a long attribute, as demonstrated by opera.html; and (2) a BGSOUND element with a "margi...

5CVSS6.8AI score0.1086EPSS

CVE•added 2006/06/30 11:5 p.m.•44 views

CVE-2006-3331

Opera before 9.0 does not reset the SSL security bar after displaying a download dialog from an SSL-enabled website, which allows remote attackers to spoof a trusted SSL certificate from an untrusted website and facilitates phishing attacks.

5CVSS6.7AI score0.01494EPSS

CVE•added 2006/07/06 1:5 a.m.•43 views

CVE-2006-3353

Opera 9 allows remote attackers to cause a denial of service (crash) via a crafted web page that triggers an out-of-bounds memory access, related to an iframe and JavaScript that accesses certain style sheets properties.

5CVSS6.9AI score0.11046EPSS

CVE•added 2006/07/31 11:4 p.m.•39 views

CVE-2006-3945

The CSS functionality in Opera 9 on Windows XP SP2 allows remote attackers to cause a denial of service (crash) by setting the background property of a DHTML element to a long http or https URL, which triggers memory corruption.

5CVSS7AI score0.01063EPSS