CVSS: 10.0EPSS: 87%CPEs: 5EXPL: 3CVE-2010-1349 – Opera 10.50 - integer Overflow
https://notcve.org/view.php?id=CVE-2010-1349
Integer overflow in Opera 10.10 through 10.50 allows remote attackers to execute arbitrary code via a large Content-Length value, which triggers a heap overflow. Desbordamiento de entero en el navegador Opera v10.10 a v10.50 permite a atacantes remotos ejecutar código arbitrario mediante un valor grande en el campo Content-Length, que desencadena un desbordamiento de montículo. • https://www.exploit-db.com/exploits/11622 http://my.opera.com/securitygroup/blog/2010/03/09/the-malformed-content-length-header-security-issue http://osvdb.org/62714 http://secunia.com/advisories/38820 http://www.exploit-db.com/exploits/11622 http://www.opera.com/support/kb/view/948 http://www.securityfocus.com/bid/38519 http://www.securitytracker.com/id?1023690 http://www.vupen.com/english/advisories/2010/0529 https://exchange.xforce.ibmcloud.com/vulnerabilities/56673 • CWE-189: Numeric Errors •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2010-1310
https://notcve.org/view.php?id=CVE-2010-1310
Opera 10.50 allows remote attackers to obtain sensitive information via crafted XSLT constructs, which cause Opera to return cached contents of other pages. Opera v10.50 permite a atacantes remotos obtener información a través de construcciones XSLT manipuladas, lo que provoca devuelva contenidos cacheados de otras páginas. • http://secunia.com/advisories/38820 http://www.opera.com/docs/changelogs/windows/1051 http://www.opera.com/support/kb/view/949 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 1CVE-2010-0653
https://notcve.org/view.php?id=CVE-2010-0653
Opera before 10.10 permits cross-origin loading of CSS stylesheets even when the stylesheet download has an incorrect MIME type and the stylesheet document is malformed, which allows remote attackers to obtain sensitive information via a crafted document. Opera permite carga de hojas de estilo CSS de origen cruzado incluso cuando la descarga de hojas de estilo tiene un tipo MIME incorrecto y el documento de hoja de estilos es incorrecto, lo cual permite a los servidores HTTP remotos obtener información sensible a través de un documento manipulado. • http://code.google.com/p/chromium/issues/detail?id=9877 http://lists.opensuse.org/opensuse-security-announce/2010-08/msg00001.html http://scarybeastsecurity.blogspot.com/2009/12/generic-cross-browser-cross-domain.html http://websec.sv.cmu.edu/css/css.pdf • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 5.8EPSS: 0%CPEs: 29EXPL: 0CVE-2009-4071
https://notcve.org/view.php?id=CVE-2009-4071
Opera before 10.10, when exception stacktraces are enabled, places scripting error messages from a web site into variables that can be read by a different web site, which allows remote attackers to obtain sensitive information or conduct cross-site scripting (XSS) attacks via unspecified vectors. Opera anterior v.10.10, cuando las stacktraces excepcionales son activadas, sitúa mensajes de error de código desde un sitio web en variables que pueden ser leídos por diferentes sitios web, permitiendo a atacantes remotos obtener información sensible o conducir un ataque de secuencias de comandos en sitios cruzados (XSS) a través de vectores no especificados. • http://osvdb.org/60527 http://secunia.com/advisories/37469 http://www.opera.com/docs/changelogs/mac/1010 http://www.opera.com/docs/changelogs/unix/1010 http://www.opera.com/docs/changelogs/windows/1010 http://www.opera.com/support/kb/view/941 http://www.securityfocus.com/bid/37089 http://www.vupen.com/english/advisories/2009/3297 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6385 • CWE-16: Configuration •
CVSS: 10.0EPSS: 0%CPEs: 28EXPL: 0CVE-2009-4072
https://notcve.org/view.php?id=CVE-2009-4072
Unspecified vulnerability in Opera before 10.10 has unknown impact and attack vectors, related to a "moderately severe issue." Vulnerabilidad no esperada en Opera anterior v.10.10 tiene un impacto y vectores de ataque desconocidos, relacionados con un "asunto moderadamente severo." • http://osvdb.org/60528 http://secunia.com/advisories/37469 http://www.opera.com/docs/changelogs/mac/1010 http://www.opera.com/docs/changelogs/unix/1010 http://www.opera.com/docs/changelogs/windows/1010 http://www.securityfocus.com/bid/37089 http://www.vupen.com/english/advisories/2009/3297 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6543 •