CVSS: 4.3EPSS: 0%CPEs: 243EXPL: 0CVE-2010-2661
https://notcve.org/view.php?id=CVE-2010-2661
Opera before 10.54 on Windows and Mac OS X, and before 10.60 on UNIX platforms, does not properly restrict access to the full pathname of a file selected for upload, which allows remote attackers to obtain potentially sensitive information via unspecified DOM manipulations. Opera anterior a v10.54 en Windows y Mac OS X, y anterior a v10.60 en las plataformas UNIX, no restringe adecuadamente el acceso a la ruta completa de un archivo seleccionado para la carga, lo cual permite a atacantes remotos obtener información sensible a través de manipulaciones DOM no especificados. • http://secunia.com/advisories/40250 http://www.opera.com/docs/changelogs/mac/1054 http://www.opera.com/docs/changelogs/unix/1060 http://www.opera.com/docs/changelogs/windows/1054 http://www.opera.com/support/search/view/960 http://www.securityfocus.com/bid/40973 http://www.vupen.com/english/advisories/2010/1529 http://www.vupen.com/english/advisories/2010/1673 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11669 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 4.3EPSS: 0%CPEs: 111EXPL: 0CVE-2010-2662
https://notcve.org/view.php?id=CVE-2010-2662
Opera before 10.60 allows remote attackers to bypass the popup blocker via a javascript: URL and a "fake click." Opera anterior a v10.60 permite a atacantes remotos eludir el bloqueador de ventanas emergentes a través de una URL javascript y un "clic falso". • http://www.opera.com/docs/changelogs/mac/1060 http://www.opera.com/docs/changelogs/unix/1060 http://www.opera.com/docs/changelogs/windows/1060 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11157 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 4.3EPSS: 0%CPEs: 105EXPL: 1CVE-2010-2455
https://notcve.org/view.php?id=CVE-2010-2455
Opera does not properly manage the address bar between the request to open a URL and the retrieval of the new document's content, which might allow remote attackers to conduct spoofing attacks via a crafted HTML document, a related issue to CVE-2010-1206. Opera no dirige maneja adecuadamente la barra de dirección entre la petición para abrir una URL y recuperar el contenido de nuevos documentos, lo que puede permitir a atacantes remotos conducir ataques spoofing a través de un documento HTML manipulado, relacionado con el comportamiento de CVE-2010-1206. • https://bugzilla.mozilla.org/show_bug.cgi?id=556957 https://exchange.xforce.ibmcloud.com/vulnerabilities/59831 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 10.0EPSS: 0%CPEs: 103EXPL: 0CVE-2010-2421
https://notcve.org/view.php?id=CVE-2010-2421
Multiple unspecified vulnerabilities in Opera before 10.54 have unknown impact and attack vectors related to (1) "extremely severe," (2) "highly severe," (3) "moderately severe," and (4) "less severe" issues. Múltiples vulnerabilidades no especificadas en Opera en versiones anteriores a la 10.54 tienen un impacto desconocido y vectores de ataque relacionados con problemas (1) "extremadamente graves", (2) "muy graves", (3) "moderadamente graves" y (4) "menos graves". • http://secunia.com/advisories/40250 http://www.opera.com/docs/changelogs/mac/1054 http://www.opera.com/docs/changelogs/windows/1054 http://www.securityfocus.com/bid/40973 http://www.vupen.com/english/advisories/2010/1529 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11352 •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 1CVE-2010-2121
https://notcve.org/view.php?id=CVE-2010-2121
Opera 9.52 allows remote attackers to cause a denial of service (resource consumption) via JavaScript code containing an infinite loop that creates IFRAME elements for invalid (1) news:// or (2) nntp:// URIs. Vulnerabilidad en Opera v9.52 permite a atacantes remotos provocar una denegación de servicio (agotamiento de recursos) a través de código JavaScript que contenga un bucle infinito que crea elementos IFRAME para URls inválidas de tipo (1) news:// o (2) nntp:// • http://websecurity.com.ua/4238 http://www.securityfocus.com/archive/1/511509/100/0/threaded https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11622 • CWE-399: Resource Management Errors •