Page 27 of 133 results (0.005 seconds)

CVSS: 9.3EPSS: 4%CPEs: 97EXPL: 0

The HTML parsing engine in Opera before 9.63 allows remote attackers to execute arbitrary code via crafted web pages that trigger an invalid pointer calculation and heap corruption. El motor de análisis HTML en versiones de Opera anteriores a la 9.63 permite a atacantes remotos ejecutar código arbitrario a través de páginas web convenientemente modificadas ocasionando un calculo de puntero inválido y la corrupción del montículo (heap). • http://secunia.com/advisories/34294 http://security.gentoo.org/glsa/glsa-200903-30.xml http://securityreason.com/securityalert/4791 http://www.nruns.com/security_advisory_opera_html_parsing_code_execution.php http://www.opera.com/docs/changelogs/linux/963 http://www.opera.com/support/kb/view/921 http://www.securityfocus.com/archive/1/499315/100/0/threaded http://www.securitytracker.com/id?1021460 • CWE-399: Resource Management Errors •

CVSS: 9.3EPSS: 47%CPEs: 2EXPL: 2

Heap-based buffer overflow in Opera 9.62 on Windows allows remote attackers to execute arbitrary code via a long file:// URI. NOTE: this might overlap CVE-2008-5680. Desbordamiento de búfer basado en montículo en Opera v9.62 que permitiría a atacantes remotos ejecutar código a su elección a través de un fichero largo: // URI. • https://www.exploit-db.com/exploits/7135 http://archives.neohapsis.com/archives/bugtraq/2008-11/0110.html http://osvdb.org/49882 http://secunia.com/advisories/32752 http://secunia.com/advisories/34294 http://security.gentoo.org/glsa/glsa-200903-30.xml http://www.opera.com/support/kb/view/922 http://www.securityfocus.com/bid/32323 http://www.vupen.com/english/advisories/2008/3183 https://exchange.xforce.ibmcloud.com/vulnerabilities/46653 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 4.3EPSS: 0%CPEs: 105EXPL: 1

Opera allows remote attackers to cause a denial of service (application crash) via a web page that contains a large number of nested marquee tags, a related issue to CVE-2006-2723. Opera permite a atacantes remotos provocar una denegación de servicio (cierre de aplicación) mediante una página web que contiene un gran número de etiquetas de marquesina anidadas, un problema relacionado con CVE-2006-2723. • http://archives.neohapsis.com/archives/bugtraq/2006-06/0085.html https://exchange.xforce.ibmcloud.com/vulnerabilities/26898 • CWE-20: Improper Input Validation •