CVSS: 5.0EPSS: 1%CPEs: 84EXPL: 0CVE-2005-3006
https://notcve.org/view.php?id=CVE-2005-3006
The mail client in Opera before 8.50 opens attached files from the user's cache directory without warning the user, which might allow remote attackers to inject arbitrary web script and spoof attachment filenames. • http://marc.info/?l=bugtraq&m=112724692219695&w=2 http://secunia.com/advisories/16645 http://secunia.com/secunia_research/2005-42/advisory http://www.opera.com/docs/changelogs/linux/850 http://www.opera.com/docs/changelogs/windows/850 http://www.osvdb.org/19508 http://www.securityfocus.com/advisories/9339 http://www.securityfocus.com/bid/14880 http://www.vupen.com/english/advisories/2005/1789 https://exchange.xforce.ibmcloud.com/vulnerabilities/22335 •
CVSS: 7.5EPSS: 2%CPEs: 25EXPL: 1CVE-2003-0593
https://notcve.org/view.php?id=CVE-2003-0593
Opera allows remote attackers to bypass intended cookie access restrictions on a web application via "%2e%2e" (encoded dot dot) directory traversal sequences in a URL, which causes Opera to send the cookie outside the specified URL subsets, e.g. to a vulnerable application that runs on the same server as the target application. Opera permite a atacantes remotos saltarse las restriciones de cookies pretendidas en una aplicación web mediante secuencias de atravesamiento de directorios "%2e%2e" (punto punto codificado) en una URL, lo que hace que Opera envíe la cookie fuera de los subconjuntos de URL especificados, por ejemplo a una aplicación vulnerable que corre en el mismo servidor que la aplicación objetivo. • http://archives.neohapsis.com/archives/vulnwatch/2004-q1/0056.html http://lists.grok.org.uk/pipermail/full-disclosure/2004-March/018475.html • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •