Vulnerabilities > Opera > Opera Browser > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2011-12-07 | CVE-2011-4681 | Permissions, Privileges, and Access Controls vulnerability in Opera Browser Opera before 11.60 does not properly consider the number of . | 5.0 |
| 2011-12-07 | CVE-2010-5072 | Permissions, Privileges, and Access Controls vulnerability in Opera Browser 10.50 The JavaScript implementation in Opera 10.5 does not properly restrict the set of values contained in the object returned by the getComputedStyle method, which allows remote attackers to obtain sensitive information about visited web pages by calling this method. | 5.0 |
| 2011-12-07 | CVE-2010-5068 | Information Exposure vulnerability in Opera Browser 10.50 The Cascading Style Sheets (CSS) implementation in Opera 10.5 does not properly handle the :visited pseudo-class, which allows remote attackers to obtain sensitive information about visited web pages via a crafted HTML document, a related issue to CVE-2010-2264. | 4.3 |
| 2011-09-06 | CVE-2011-3388 | Information Exposure vulnerability in Opera Browser Opera before 11.51 allows remote attackers to cause an insecure site to appear secure or trusted via unspecified actions related to Extended Validation and loading content from trusted sources in an unspecified sequence that causes the address field and page information dialog to contain security information based on the trusted site, instead of the insecure site. | 4.3 |
| 2011-08-09 | CVE-2008-7297 | Permissions, Privileges, and Access Controls vulnerability in Opera Browser Opera cannot properly restrict modifications to cookies established in HTTPS sessions, which allows man-in-the-middle attackers to overwrite or delete arbitrary cookies via a Set-Cookie header in an HTTP response, related to lack of the HTTP Strict Transport Security (HSTS) includeSubDomains feature, aka a "cookie forcing" issue. | 5.8 |
| 2011-07-01 | CVE-2011-2641 | Resource Management Errors vulnerability in Opera Browser 11.11 Opera 11.11 allows remote attackers to cause a denial of service (application crash) by setting the FACE attribute of a FONT element within an IFRAME element after changing the SRC attribute of this IFRAME element to an about:blank value. | 5.0 |
| 2011-07-01 | CVE-2011-2640 | Resource Management Errors vulnerability in Opera Browser Opera before 11.10 allows remote attackers to cause a denial of service (application crash) via an HTML document that has an empty parameter value for an embedded Java applet. | 5.0 |
| 2011-07-01 | CVE-2011-2639 | Resource Management Errors vulnerability in Opera Browser Opera before 11.10 does not properly handle hidden animated GIF images, which allows remote attackers to cause a denial of service (CPU consumption) via an image file that triggers continual repaints. | 5.0 |
| 2011-07-01 | CVE-2011-2638 | Unspecified vulnerability in Opera Browser Unspecified vulnerability in Opera before 11.10 allows remote attackers to cause a denial of service (application crash) via unknown content on a web page, as demonstrated by games on zylom.com. | 5.0 |
| 2011-07-01 | CVE-2011-2637 | Unspecified vulnerability in Opera Browser Unspecified vulnerability in Opera before 11.10 allows remote attackers to cause a denial of service (application crash) via unknown content on a web page, as demonstrated by futura-sciences.com, seoptimise.com, and mitosyfraudes.org. | 5.0 |