CVSS: 10.0EPSS: 0%CPEs: 85EXPL: 0CVE-2008-4292
https://notcve.org/view.php?id=CVE-2008-4292
Opera before 9.52 does not check the CRL override upon encountering a certificate that lacks a CRL, which has unknown impact and attack vectors. NOTE: it is not clear whether this is a vulnerability, but the vendor included it in a security section of the advisory. Opera anterior a v9.52 no comprueba el inválido CRL tras encontrar un certificado que carece de un CRL, lo cual tiene impacto y vectores de ataque desconocidos. NOTA: no está claro si esto es una vulnerabilidad, pero el vendedor lo incluye en la sección de avisos de seguridad. • http://bugs.gentoo.org/show_bug.cgi?id=235298 http://my.opera.com/community/forums/topic.dml?id=241988&t=1222404671&page=1 http://my.opera.com/yngve/blog/2008/06/27/nobody-checks-the-padlock-debunked-by-opera-users http://secunia.com/advisories/31549 http://secunia.com/advisories/32538 http://security.gentoo.org/glsa/glsa-200811-01.xml http://www.openwall.com/lists/oss-security/2008/09/19/2 http://www.openwall.com/lists/oss-security/2008/09/24/4 http:/&#x • CWE-255: Credentials Management Errors •
CVSS: 7.8EPSS: 0%CPEs: 108EXPL: 0CVE-2008-3078
https://notcve.org/view.php?id=CVE-2008-3078
Opera before 9.51 does not properly manage memory within functions supporting the CANVAS element, which allows remote attackers to read uninitialized memory contents by using JavaScript to read a canvas image. Opera anterior a 9.51, no maneja de forma adecuada la memoria en funciones que soportan el elemento CANVAS, esto permite a atacantes remotos leer contenidos de memoria no iniciada utilizando JavaScript para leer el lienzo de la imagen. • http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00001.html http://secunia.com/advisories/30935 http://secunia.com/advisories/31339 http://www.opera.com/docs/changelogs/freebsd/951 http://www.opera.com/docs/changelogs/linux/951 http://www.opera.com/docs/changelogs/mac/951 http://www.opera.com/docs/changelogs/solaris/951 http://www.opera.com/docs/changelogs/windows/951 http://www.opera.com/support/search/view/887 http://www.securityfocus.com/bid/30068&# • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0CVE-2008-3079
https://notcve.org/view.php?id=CVE-2008-3079
Unspecified vulnerability in Opera before 9.51 on Windows allows attackers to execute arbitrary code via unknown vectors. Vulnerabilidad no especificada en Opera anterior a 9.51 en Windows, permite a atacantes ejecutar código de su elección a través de vectores desconocidos. • http://secunia.com/advisories/30937 http://www.opera.com/docs/changelogs/windows/951 http://www.vupen.com/english/advisories/2008/1998/references https://exchange.xforce.ibmcloud.com/vulnerabilities/43576 •
CVSS: 5.0EPSS: 0%CPEs: 108EXPL: 0CVE-2008-2715
https://notcve.org/view.php?id=CVE-2008-2715
Unspecified vulnerability in Opera before 9.5 allows remote attackers to read cross-domain images via HTML CANVAS elements that use the images as patterns. Vulnerabilidad no especificada en Opera anterior a 9.5 permite a atacantes remotos leer imágenes de dominios cruzados mediante elementos HTML CANVAS que utilizan imágenes como patrones. • http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00005.html http://secunia.com/advisories/30636 http://secunia.com/advisories/30682 http://www.opera.com/docs/changelogs/linux/950/#security http://www.opera.com/docs/changelogs/windows/950/#security http://www.opera.com/support/search/view/883 http://www.securityfocus.com/bid/29684 http://www.securitytracker.com/id?1020291 http://www.vupen.com/english/advisories/2008/1812 https://exchange.xforce.ibmcloud.com/ • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.0EPSS: 0%CPEs: 103EXPL: 0CVE-2008-2714
https://notcve.org/view.php?id=CVE-2008-2714
Opera before 9.26 allows remote attackers to misrepresent web page addresses using "certain characters" that "cause the page address text to be misplaced." Opera anterior a la v9.26, permite a atacantes remotos deformar la dirección de una página web empleando "ciertos caracteres" que "provocan que el texto de la dirección de la página sea modificado". • http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00005.html http://secunia.com/advisories/30636 http://secunia.com/advisories/30682 http://www.opera.com/docs/changelogs/linux/950/#security http://www.opera.com/docs/changelogs/windows/950/#security http://www.opera.com/support/search/view/878 http://www.securityfocus.com/bid/29684 http://www.vupen.com/english/advisories/2008/1812 https://exchange.xforce.ibmcloud.com/vulnerabilities/43035 •