Page 3 of 13 results (0.004 seconds)

CVSS: 5.0EPSS: 2%CPEs: 1EXPL: 1

Opera 6.0 and earlier allows remote attackers to access sensitive information such as cookies and links for other domains via Javascript that uses setTimeout to (1) access data after a new window to the domain has been opened or (2) access data via about:cache. • https://www.exploit-db.com/exploits/21156 http://marc.info/?l=bugtraq&m=100586079932284&w=2 http://marc.info/?l=bugtraq&m=100588139312696&w=2 http://www.iss.net/security_center/static/7567.php http://www.securityfocus.com/bid/3553 •

CVSS: 5.0EPSS: 1%CPEs: 1EXPL: 0

Opera 5.0 for Linux does not properly handle malformed HTTP headers, which allows remote attackers to cause a denial of service, possibly with a header whose value is the same as a MIME header name. • http://online.securityfocus.com/archive/1/196980 http://www.iss.net/security_center/static/6838.php http://www.securityfocus.com/bid/3012 •

CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0

Opera 3.2.1 allows remote attackers to cause a denial of service (application crash) via a URL that contains an extra / in the http:// tag. • http://www.securityfocus.com/archive/1/10320 https://exchange.xforce.ibmcloud.com/vulnerabilities/1541 •