Vulnerabilities > Opera
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-06-11 | CVE-2007-3142 | Authentication Server Domain Spoofing vulnerability in Opera Browser 9.21 Visual truncation vulnerability in Opera 9.21 allows remote attackers to spoof the address bar and possibly conduct phishing attacks via a long hostname, which is truncated after 34 characters, as demonstrated by a phishing attack using HTTP Basic Authentication. network opera | 5.8 |
2007-05-22 | CVE-2007-2809 | Classic Buffer Overflow vulnerability in Opera Browser Buffer overflow in the transfer manager in Opera before 9.21 for Windows allows user-assisted remote attackers to execute arbitrary code via a crafted torrent file. | 9.3 |
2007-04-25 | CVE-2007-2274 | Memory Leak vulnerability in Opera Browser 9.2 The BitTorrent implementation in Opera 9.2 allows remote attackers to cause a denial of service (CPU consumption and application crash) via a malformed torrent file. | 7.8 |
2007-04-13 | CVE-2007-2022 | Information Exposure vulnerability in multiple products Adobe Macromedia Flash Player 7 and 9, when used with Opera before 9.20 or Konqueror before 20070613, allows remote attackers to obtain sensitive information (browser keystrokes), which are leaked to the Flash Player applet. | 6.8 |
2007-03-28 | CVE-2007-1737 | Security Bypass vulnerability in Opera Browser 9.10 Opera 9.10 does not check URLs embedded in (1) object or (2) iframe HTML tags against the phishing site blacklist, which allows remote attackers to bypass phishing protection. | 7.5 |
2007-03-21 | CVE-2007-1563 | Information Exposure vulnerability in Opera Browser 9.10 The FTP protocol implementation in Opera 9.10 allows remote attackers to allows remote servers to force the client to connect to other servers, perform a proxied port scan, or obtain sensitive information by specifying an alternate server address in an FTP PASV response. | 6.8 |
2007-03-10 | CVE-2007-1377 | Resource Exhaustion vulnerability in multiple products AcroPDF.DLL in Adobe Reader 8.0, when accessed from Mozilla Firefox, Netscape, or Opera, allows remote attackers to cause a denial of service (unspecified resource consumption) via a .pdf URL with an anchor identifier that begins with search= followed by many %n sequences, a different vulnerability than CVE-2006-6027 and CVE-2006-6236. | 5.0 |
2007-02-26 | CVE-2007-1115 | Cross-Site Scripting vulnerability in Opera Browser The child frames in Opera 9 before 9.20 inherit the default charset from the parent window when a charset is not specified in an HTTP Content-Type header or META tag, which allows remote attackers to conduct cross-site scripting (XSS) attacks, as demonstrated using the UTF-7 character set. | 4.3 |
2007-02-07 | CVE-2007-0802 | Improper Input Validation vulnerability in multiple products Mozilla Firefox 2.0.0.1 allows remote attackers to bypass the Phishing Protection mechanism by adding certain characters to the end of the domain name, as demonstrated by the "." and "/" characters, which is not caught by the Phishing List blacklist filter. | 6.4 |
2007-02-07 | CVE-2006-6970 | Permissions, Privileges, and Access Controls vulnerability in Opera Browser 9.10 Opera 9.10 Final allows remote attackers to bypass the Fraud Protection mechanism by adding certain characters to the end of a domain name, as demonstrated by the "." and "/" characters, which is not caught by the blacklist filter. | 5.0 |