Vulnerabilities > Opera Software

DATE CVE VULNERABILITY TITLE RISK
2009-10-30 CVE-2009-3832 Improper Input Validation vulnerability in multiple products
Opera before 10.01 on Windows does not prevent use of Web fonts in rendering the product's own user interface, which allows remote attackers to spoof the address field via a crafted web site.
5.8
2009-10-30 CVE-2009-3831 Code Injection vulnerability in multiple products
Opera before 10.01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted domain name.
9.3
2009-03-16 CVE-2009-0915 Multiple Security vulnerability in Opera Web Browser prior to 9.64
Opera before 9.64 allows remote attackers to conduct cross-domain scripting attacks via unspecified vectors related to plug-ins.
6.8
2008-06-16 CVE-2008-2716 Multiple Security vulnerability in Opera Web Browser 9.27
Unspecified vulnerability in Opera before 9.5 allows remote attackers to spoof the contents of trusted frames on the same parent page by modifying the location, which can facilitate phishing attacks.
network
low complexity
opera-software
5.0
2007-10-08 CVE-2007-5276 Remote Security vulnerability in Opera Software Opera web Browser 9
Opera 9 drops DNS pins based on failed connections to irrelevant TCP ports, which makes it easier for remote attackers to conduct DNS rebinding attacks, as demonstrated by a port 81 URL in an IMG SRC, when the DNS pin had been established for a session on port 80.
network
opera-software
4.3
2007-08-15 CVE-2007-4367 Remote Code Execution vulnerability in Opera Web Browser Invalid Pointer
Opera before 9.23 allows remote attackers to execute arbitrary code via crafted Javascript that triggers a "virtual function call on an invalid pointer."
network
opera-software
critical
9.3
2007-07-21 CVE-2007-3929 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Opera Software Opera web Browser
Use-after-free vulnerability in the BitTorrent support in Opera before 9.22 allows user-assisted remote attackers to execute arbitrary code via a crafted header in a torrent file, which leaves a dangling pointer to an invalid object.
network
opera-software CWE-119
critical
9.3
2007-05-22 CVE-2007-2809 Buffer Overflow vulnerability in Opera Web Browser Torrent File Handling
Buffer overflow in the transfer manager in Opera before 9.21 for Windows allows user-assisted remote attackers to execute arbitrary code via a crafted torrent file.
network
opera-software
critical
9.3
2007-04-25 CVE-2007-2274 Resource Management Errors vulnerability in Opera Software Opera 9.2
The BitTorrent implementation in Opera 9.2 allows remote attackers to cause a denial of service (CPU consumption and application crash) via a malformed torrent file.
network
low complexity
opera-software CWE-399
7.8
2007-03-10 CVE-2007-1377 Denial of Service vulnerability in Adobe Reader AcroPDF.DLL Resource Consumption
AcroPDF.DLL in Adobe Reader 8.0, when accessed from Mozilla Firefox, Netscape, or Opera, allows remote attackers to cause a denial of service (unspecified resource consumption) via a .pdf URL with an anchor identifier that begins with search= followed by many %n sequences, a different vulnerability than CVE-2006-6027 and CVE-2006-6236.
network
low complexity
adobe mozilla netscape opera-software
5.0