Vulnerabilities > Opera > Critical

DATE CVE VULNERABILITY TITLE RISK
2010-08-16 CVE-2010-3019 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Opera Browser
Heap-based buffer overflow in Opera before 10.61 allows remote attackers to execute arbitrary code or cause a denial of service (application crash or hang) via vectors related to HTML5 canvas painting operations that occur during the application of transformations.
network
opera CWE-119
critical
9.3
2010-07-08 CVE-2010-2666 Permissions, Privileges, and Access Controls vulnerability in Opera Browser
Opera before 10.54 on Windows and Mac OS X does not properly enforce permission requirements for widget filesystem access and directory selection, which allows user-assisted remote attackers to create or modify arbitrary files, and consequently execute arbitrary code, via widget File I/O operations.
network
opera microsoft apple CWE-264
critical
9.3
2010-07-08 CVE-2010-2657 Permissions, Privileges, and Access Controls vulnerability in Opera Browser
Opera before 10.60 on Windows and Mac OS X does not properly prevent certain double-click operations from running a program located on a web site, which allows user-assisted remote attackers to execute arbitrary code via a crafted web page that bypasses a dialog.
network
opera CWE-264
critical
9.3
2010-06-22 CVE-2010-2421 Multiple Security vulnerability in Opera Web Browser prior to 10.54
Multiple unspecified vulnerabilities in Opera before 10.54 have unknown impact and attack vectors related to (1) "extremely severe," (2) "highly severe," (3) "moderately severe," and (4) "less severe" issues.
network
low complexity
opera
critical
10.0
2010-05-06 CVE-2010-1728 Resource Management Errors vulnerability in Opera Browser
Opera before 10.53 on Windows and Mac OS X does not properly handle a series of document modifications that occur asynchronously, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via JavaScript that writes <marquee> sequences in an infinite loop, leading to attempted use of uninitialized memory.
network
opera apple microsoft CWE-399
critical
9.3
2010-04-12 CVE-2010-1349 Numeric Errors vulnerability in Opera Browser 10.10/10.50
Integer overflow in Opera 10.10 through 10.50 allows remote attackers to execute arbitrary code via a large Content-Length value, which triggers a heap overflow.
network
low complexity
opera microsoft CWE-189
critical
10.0
2009-11-24 CVE-2009-4072 Remote Security vulnerability in Opera Web Browser
Unspecified vulnerability in Opera before 10.10 has unknown impact and attack vectors, related to a "moderately severe issue."
network
low complexity
opera
critical
10.0
2009-10-30 CVE-2009-3831 Out-of-bounds Write vulnerability in Opera Browser
Opera before 10.01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted domain name.
network
opera CWE-787
critical
9.3
2009-05-11 CVE-2009-1599 Permissions, Privileges, and Access Controls vulnerability in Opera Browser
Opera executes DOM calls in response to a javascript: URI in the target attribute of a submit element within a form contained in an inline PDF file, which might allow remote attackers to bypass intended Adobe Acrobat JavaScript restrictions on accessing the document object, as demonstrated by a web site that permits PDF uploads by untrusted users, and therefore has a shared document.domain between the web site and this javascript: URI.
network
opera adobe CWE-264
critical
9.3
2009-03-16 CVE-2009-0916 Multiple Security vulnerability in Opera Web Browser prior to 9.64
Unspecified vulnerability in Opera before 9.64 has unknown impact and attack vectors, related to a "moderately severe issue."
network
low complexity
opera
critical
10.0