CVE-2008-4199
https://notcve.org/view.php?id=CVE-2008-4199
Opera before 9.52 does not prevent use of links from web pages to feed source files on the local disk, which might allow remote attackers to determine the validity of local filenames via vectors involving "detection of JavaScript events and appropriate manipulation." Opera anterior a v9.52 no previene del uso de enlaces de páginas web a archivos fuente feed en el disco local, lo cual puede permitir a atacantes remotos determinar la validez de nombres de archivo locales a través de vectores involucrando "detección de eventos JavaScript y manipulación apropiada". • http://bugs.gentoo.org/show_bug.cgi?id=235298 http://secunia.com/advisories/31549 http://secunia.com/advisories/32538 http://security.gentoo.org/glsa/glsa-200811-01.xml http://securitytracker.com/id?1020722 http://www.openwall.com/lists/oss-security/2008/09/19/2 http://www.openwall.com/lists/oss-security/2008/09/24/4 http://www.opera.com/docs/changelogs/freebsd/952 http://www.opera.com/docs/changelogs/linux/952 http://www.opera.com/docs/changelogs/mac/ • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2008-3078
https://notcve.org/view.php?id=CVE-2008-3078
Opera before 9.51 does not properly manage memory within functions supporting the CANVAS element, which allows remote attackers to read uninitialized memory contents by using JavaScript to read a canvas image. Opera anterior a 9.51, no maneja de forma adecuada la memoria en funciones que soportan el elemento CANVAS, esto permite a atacantes remotos leer contenidos de memoria no iniciada utilizando JavaScript para leer el lienzo de la imagen. • http://lists.opensuse.org/opensuse-security-announce/2008-08/msg00001.html http://secunia.com/advisories/30935 http://secunia.com/advisories/31339 http://www.opera.com/docs/changelogs/freebsd/951 http://www.opera.com/docs/changelogs/linux/951 http://www.opera.com/docs/changelogs/mac/951 http://www.opera.com/docs/changelogs/solaris/951 http://www.opera.com/docs/changelogs/windows/951 http://www.opera.com/support/search/view/887 http://www.securityfocus.com/bid/30068 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2008-3079
https://notcve.org/view.php?id=CVE-2008-3079
Unspecified vulnerability in Opera before 9.51 on Windows allows attackers to execute arbitrary code via unknown vectors. Vulnerabilidad no especificada en Opera anterior a 9.51 en Windows, permite a atacantes ejecutar código de su elección a través de vectores desconocidos. • http://secunia.com/advisories/30937 http://www.opera.com/docs/changelogs/windows/951 http://www.vupen.com/english/advisories/2008/1998/references https://exchange.xforce.ibmcloud.com/vulnerabilities/43576 •
CVE-2008-2715
https://notcve.org/view.php?id=CVE-2008-2715
Unspecified vulnerability in Opera before 9.5 allows remote attackers to read cross-domain images via HTML CANVAS elements that use the images as patterns. Vulnerabilidad no especificada en Opera anterior a 9.5 permite a atacantes remotos leer imágenes de dominios cruzados mediante elementos HTML CANVAS que utilizan imágenes como patrones. • http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00005.html http://secunia.com/advisories/30636 http://secunia.com/advisories/30682 http://www.opera.com/docs/changelogs/linux/950/#security http://www.opera.com/docs/changelogs/windows/950/#security http://www.opera.com/support/search/view/883 http://www.securityfocus.com/bid/29684 http://www.securitytracker.com/id?1020291 http://www.vupen.com/english/advisories/2008/1812 https://exchange.xforce.ibmcloud.com/ • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2008-2714
https://notcve.org/view.php?id=CVE-2008-2714
Opera before 9.26 allows remote attackers to misrepresent web page addresses using "certain characters" that "cause the page address text to be misplaced." Opera anterior a la v9.26, permite a atacantes remotos deformar la dirección de una página web empleando "ciertos caracteres" que "provocan que el texto de la dirección de la página sea modificado". • http://lists.opensuse.org/opensuse-security-announce/2008-06/msg00005.html http://secunia.com/advisories/30636 http://secunia.com/advisories/30682 http://www.opera.com/docs/changelogs/linux/950/#security http://www.opera.com/docs/changelogs/windows/950/#security http://www.opera.com/support/search/view/878 http://www.securityfocus.com/bid/29684 http://www.vupen.com/english/advisories/2008/1812 https://exchange.xforce.ibmcloud.com/vulnerabilities/43035 •