Vulnerabilities > Opera > Opera Browser > 8.00
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2010-08-16 | CVE-2010-2576 | Code Injection vulnerability in Opera Browser Opera before 10.61 does not properly suppress clicks on download dialogs that became visible after a recent tab change, which allows remote attackers to conduct clickjacking attacks, and consequently execute arbitrary code, via vectors involving (1) closing a tab or (2) hiding a tab, a related issue to CVE-2005-2407. | 6.8 |
2010-07-08 | CVE-2010-2666 | Permissions, Privileges, and Access Controls vulnerability in Opera Browser Opera before 10.54 on Windows and Mac OS X does not properly enforce permission requirements for widget filesystem access and directory selection, which allows user-assisted remote attackers to create or modify arbitrary files, and consequently execute arbitrary code, via widget File I/O operations. | 9.3 |
2010-07-08 | CVE-2010-2665 | Cross-Site Scripting vulnerability in Opera Browser Cross-site scripting (XSS) vulnerability in Opera before 10.54 on Windows and Mac OS X, and before 10.11 on UNIX platforms, allows remote attackers to inject arbitrary web script or HTML via a data: URI, related to incorrect detection of the "opening site." | 4.3 |
2010-07-08 | CVE-2010-2661 | Permissions, Privileges, and Access Controls vulnerability in Opera Browser Opera before 10.54 on Windows and Mac OS X, and before 10.60 on UNIX platforms, does not properly restrict access to the full pathname of a file selected for upload, which allows remote attackers to obtain potentially sensitive information via unspecified DOM manipulations. | 4.3 |
2010-07-08 | CVE-2010-2660 | Permissions, Privileges, and Access Controls vulnerability in Opera Browser Opera before 10.54 on Windows and Mac OS X, and before 10.60 on UNIX platforms, does not properly restrict certain uses of homograph characters in domain names, which makes it easier for remote attackers to spoof IDN domains via unspecified choices of characters. | 4.3 |
2010-07-08 | CVE-2010-2657 | Permissions, Privileges, and Access Controls vulnerability in Opera Browser Opera before 10.60 on Windows and Mac OS X does not properly prevent certain double-click operations from running a program located on a web site, which allows user-assisted remote attackers to execute arbitrary code via a crafted web page that bypasses a dialog. | 9.3 |
2010-05-06 | CVE-2010-1728 | Resource Management Errors vulnerability in Opera Browser Opera before 10.53 on Windows and Mac OS X does not properly handle a series of document modifications that occur asynchronously, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via JavaScript that writes <marquee> sequences in an infinite loop, leading to attempted use of uninitialized memory. | 9.3 |
2009-10-30 | CVE-2009-3832 | Open Redirect vulnerability in Opera Browser Opera before 10.01 on Windows does not prevent use of Web fonts in rendering the product's own user interface, which allows remote attackers to spoof the address field via a crafted web site. | 5.8 |
2009-10-30 | CVE-2009-3831 | Out-of-bounds Write vulnerability in Opera Browser Opera before 10.01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted domain name. | 9.3 |
2009-09-18 | CVE-2009-3269 | Resource Management Errors vulnerability in Opera Browser Opera 9.52 and earlier allows remote attackers to cause a denial of service (CPU consumption) via a series of automatic submissions of a form containing a KEYGEN element, a related issue to CVE-2009-1828. | 5.0 |