Vulnerabilities > Opera > Opera Browser > 9.24
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2008-02-29 | CVE-2008-1082 | Cross-Site Scripting vulnerability in Opera Browser Opera before 9.26 allows remote attackers to "bypass sanitization filters" and conduct cross-site scripting (XSS) attacks via crafted attribute values in an XML document, which are not properly handled during DOM presentation. | 4.3 |
2008-02-29 | CVE-2008-1081 | Code Injection vulnerability in Opera Browser Opera before 9.26 allows user-assisted remote attackers to execute arbitrary script via images that contain custom comments, which are treated as script when the user displays the image properties. | 6.8 |
2008-02-29 | CVE-2008-1080 | Improper Input Validation vulnerability in Opera Browser Opera before 9.26 allows user-assisted remote attackers to read arbitrary files by tricking a user into typing the characters of the target filename into a file input. | 6.8 |
2007-12-24 | CVE-2007-6524 | Information Exposure vulnerability in Opera Browser Opera before 9.25 allows remote attackers to obtain potentially sensitive memory contents via a crafted bitmap (BMP) file, as demonstrated using a CANVAS element and JavaScript in an HTML document for copying these contents from 9.50 beta, a related issue to CVE-2008-0420. | 7.8 |
2007-12-24 | CVE-2007-6523 | Resource Management Errors vulnerability in Opera Browser Algorithmic complexity vulnerability in Opera 9.50 beta and 9.x before 9.25 allows remote attackers to cause a denial of service (CPU consumption) via a crafted bitmap (BMP) file that triggers a large number of calculations and checks. | 7.8 |
2007-12-24 | CVE-2007-6522 | Cross-Site Scripting vulnerability in Opera Browser The rich text editing functionality in Opera before 9.25 allows remote attackers to conduct cross-domain scripting attacks by using designMode to modify contents of pages in other domains. | 4.3 |
2007-12-24 | CVE-2007-6521 | Cryptographic Issues vulnerability in Opera Browser Unspecified vulnerability in Opera before 9.25 allows remote attackers to execute arbitrary code via crafted TLS certificates. | 10.0 |
2007-12-24 | CVE-2007-6520 | Cross-Site Scripting vulnerability in Opera Browser Opera before 9.25 allows remote attackers to conduct cross-domain scripting attacks via unknown vectors related to plug-ins. | 4.3 |
2007-01-29 | CVE-2006-6955 | Improper Input Validation vulnerability in Opera Browser Opera allows remote attackers to cause a denial of service (application crash) via a web page that contains a large number of nested marquee tags, a related issue to CVE-2006-2723. | 4.3 |