Vulnerabilities > Opera > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2012-03-28 | CVE-2012-1926 | Information Exposure vulnerability in Opera Browser Opera before 11.62 allows remote attackers to bypass the Same Origin Policy via the (1) history.pushState and (2) history.replaceState functions in conjunction with cross-domain frames, leading to unintended read access to history.state information. | 5.0 |
| 2012-03-28 | CVE-2012-1925 | Unspecified vulnerability in Opera Browser Opera before 11.62 does not ensure that a dialog window is placed on top of content windows, which makes it easier for user-assisted remote attackers to trick users into downloading and executing arbitrary files via a download dialog located under other windows. network opera | 6.8 |
| 2012-03-28 | CVE-2012-1924 | Code Injection vulnerability in Opera Browser Opera before 11.62 allows user-assisted remote attackers to trick users into downloading and executing arbitrary files via a small window for the download dialog. | 6.8 |
| 2012-02-07 | CVE-2012-1003 | Numeric Errors vulnerability in Opera Browser Multiple integer overflows in Opera 11.60 and earlier allow remote attackers to cause a denial of service (application crash) via a large integer argument to the (1) Int32Array, (2) Float32Array, (3) Float64Array, (4) Uint32Array, (5) Int16Array, or (6) ArrayBuffer function. | 5.0 |
| 2011-12-07 | CVE-2011-4690 | Permissions, Privileges, and Access Controls vulnerability in Opera Browser Opera 11.60 and earlier does not prevent capture of data about the times of Same Origin Policy violations during IFRAME loading attempts, which makes it easier for remote attackers to determine whether a document exists in the browser cache via crafted JavaScript code. | 5.0 |
| 2011-12-07 | CVE-2011-4687 | Resource Management Errors vulnerability in Opera Browser Opera before 11.60 allows remote attackers to cause a denial of service (CPU and memory consumption) via unspecified content on a web page, as demonstrated by a page under the cisco.com home page. | 5.0 |
| 2011-12-07 | CVE-2011-4686 | Unspecified vulnerability in Opera Browser Unspecified vulnerability in the Web Workers implementation in Opera before 11.60 allows remote attackers to cause a denial of service (application crash) via unknown vectors. | 5.0 |
| 2011-12-07 | CVE-2011-4685 | Improper Input Validation vulnerability in Opera Browser Dragonfly in Opera before 11.60 allows remote attackers to cause a denial of service (application crash) via unspecified content on a web page, as demonstrated by forbes.com. | 5.0 |
| 2011-12-07 | CVE-2011-4682 | Permissions, Privileges, and Access Controls vulnerability in Opera Browser The JavaScript engine in Opera before 11.60 does not properly implement the in operator, which allows remote attackers to bypass the Same Origin Policy via vectors related to variables on different web sites. | 6.4 |
| 2011-12-07 | CVE-2011-4681 | Permissions, Privileges, and Access Controls vulnerability in Opera Browser Opera before 11.60 does not properly consider the number of . | 5.0 |