CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 2CVE-2006-3945
https://notcve.org/view.php?id=CVE-2006-3945
31 Jul 2006 — The CSS functionality in Opera 9 on Windows XP SP2 allows remote attackers to cause a denial of service (crash) by setting the background property of a DHTML element to a long http or https URL, which triggers memory corruption. La funcionalidad CSS en Opera 9 en Windows XP SP2 permite a atacantes remotos provocar una denegación de servicio (caída) estableciendo la propiedad background de un elemento DHTML con una URL http o https larga, lo cual provoca una corrupción de memoria. • http://browserfun.blogspot.com/2006/07/mobb-26-opera-css-background.html • CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 1%CPEs: 1EXPL: 3CVE-2006-3353 – Opera Web Browser 9.00 - 'iframe' Remote Denial of Service
https://notcve.org/view.php?id=CVE-2006-3353
06 Jul 2006 — Opera 9 allows remote attackers to cause a denial of service (crash) via a crafted web page that triggers an out-of-bounds memory access, related to an iframe and JavaScript that accesses certain style sheets properties. Vulnerabilidad que permite a atacantes remotos causar una denegación de servicio (indisponibilidad de la aplicación) a través de una página web modificada maliciosamente que provoca accesos a memoria fuera de rango. Está relacionada con un iframe y con JavaScript que accede a determinadas p... • https://www.exploit-db.com/exploits/1972 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0CVE-2006-3331
https://notcve.org/view.php?id=CVE-2006-3331
30 Jun 2006 — Opera before 9.0 does not reset the SSL security bar after displaying a download dialog from an SSL-enabled website, which allows remote attackers to spoof a trusted SSL certificate from an untrusted website and facilitates phishing attacks. Opera antes de la v9.0, no restaura la barra de seguridad SSL después de mostrar un diálogo de descarga de un sitio Web con SSL, lo que permite a atacantes remotos suplantar certificados SSL de confianza de un sitio web que no es de confianza y facilita los ataques de p... • http://secunia.com/advisories/19480 •
CVSS: 9.8EPSS: 44%CPEs: 1EXPL: 0CVE-2006-3198
https://notcve.org/view.php?id=CVE-2006-3198
23 Jun 2006 — Integer overflow in Opera 8.54 and earlier allows remote attackers to execute arbitrary code via a JPEG image with large height and width values, which causes less memory to be allocated than intended. Desbordamiento de entero en Opera v8.54 y anteriores permite a atacantes remotos ejecutar código de su elección a través de una imagen JPEG con medidas excesivas de ancho y largo, lo que provoca se reserve menos memoria de la que se requiere. • http://secunia.com/advisories/20787 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.5EPSS: 2%CPEs: 1EXPL: 3CVE-2006-3199 – Opera 9 - long href Remote Denial of Service
https://notcve.org/view.php?id=CVE-2006-3199
23 Jun 2006 — Opera 9 allows remote attackers to cause a denial of service (crash) via an A tag with an href attribute with a URL containing a long hostname, which triggers an out-of-bounds operation. Opera v9 permite a atacantes remotos causar una denegación de servicio (caída) a través de un A tag con un atributo href con una URL que contiene un nombre de host grande, lo que provoca una operación fuera de rango. • https://www.exploit-db.com/exploits/1937 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 13%CPEs: 88EXPL: 4CVE-2006-1834 – Opera Web Browser 8.52 - Stylesheet Attribute Buffer Overflow
https://notcve.org/view.php?id=CVE-2006-1834
19 Apr 2006 — Integer signedness error in Opera before 8.54 allows remote attackers to execute arbitrary code via long values in a stylesheet attribute, which pass a length check. NOTE: a sign extension problem makes the attack easier with shorter strings. Error de entero sin signo en Opera en versiones anteriores a 8.54 permite a atacantes remotos ejecutar código arbitrario a través de valores largos en un atributo de la hoja de estilos, lo que pasa una verificación de longitud. NOTA: un problema de extensión de signo h... • https://www.exploit-db.com/exploits/27641 • CWE-189: Numeric Errors •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 5CVE-2005-4718 – Opera 8.02 - Remote Denial of Service
https://notcve.org/view.php?id=CVE-2005-4718
31 Dec 2005 — Opera 8.02 and earlier allows remote attackers to cause a denial of service (client crash) via (1) a crafted HTML file with a "content: url(0);" style attribute, a "bodyA" tag, a long string, and a "u" tag with a long attribute, as demonstrated by opera.html; and (2) a BGSOUND element with a "margin:-99;" STYLE attribute. • https://www.exploit-db.com/exploits/1254 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2005-4210
https://notcve.org/view.php?id=CVE-2005-4210
13 Dec 2005 — Opera before 8.51, when running on Windows with Input Method Editor (IME) installed, allows remote attackers to cause a denial of service (persistent application crash) by bookmarking a site with a long title. • http://secunia.com/advisories/17963 •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 3CVE-2005-3946
https://notcve.org/view.php?id=CVE-2005-3946
01 Dec 2005 — Opera 8.50 allows remote attackers to cause a denial of service (crash) via a Java applet with a large string argument to the removeMember JNI method for the com.opera.JSObject class. • http://www.illegalaccess.org/exploit/opera85/OperaApplet.html • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 41%CPEs: 1EXPL: 0CVE-2005-3750
https://notcve.org/view.php?id=CVE-2005-3750
22 Nov 2005 — Opera before 8.51 on Linux and Unix systems allows remote attackers to execute arbitrary code via shell metacharacters (backticks) in a URL that another product provides in a command line argument when launching Opera. Opera anterior a 8.51 en sistemas Linux y Unix permite a atacantes remotos ejecutar código de su elección mediante metacaractérs de 'shell' ('backticks') en una URL que otro producto provee en un argumento de línea de comandos cuando se lanza Opera. • http://archives.neohapsis.com/archives/fulldisclosure/2005-11/0677.html • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •