CVSS: 4.3EPSS: 0%CPEs: 102EXPL: 0CVE-2007-6522
https://notcve.org/view.php?id=CVE-2007-6522
The rich text editing functionality in Opera before 9.25 allows remote attackers to conduct cross-domain scripting attacks by using designMode to modify contents of pages in other domains. El texto enriquecido en la funcionalidad de edición de Opera anterior a 9.25 permite a atacantes remotos llevar a cabo ataques de secuencias de comandos de dominios cruzados utilizando el modo diseño (designMode) para modificar contenidos de páginas en otros dominios. • http://bugs.gentoo.org/show_bug.cgi?id=202770 http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00001.html http://secunia.com/advisories/28169 http://secunia.com/advisories/28290 http://secunia.com/advisories/28314 http://security.gentoo.org/glsa/glsa-200712-22.xml http://www.opera.com/docs/changelogs/linux/925 http://www.opera.com/docs/changelogs/windows/925 http://www.opera.com/support/search/view/875 http://www.securityfocus.com/bid/26937 http:/&#x • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.8EPSS: 0%CPEs: 77EXPL: 0CVE-2007-6524
https://notcve.org/view.php?id=CVE-2007-6524
Opera before 9.25 allows remote attackers to obtain potentially sensitive memory contents via a crafted bitmap (BMP) file, as demonstrated using a CANVAS element and JavaScript in an HTML document for copying these contents from 9.50 beta, a related issue to CVE-2008-0420. Opera versiones anteriores a 9.25, permite a los atacantes remotos obtener contenido de memoria potencialmente confidencial por medio de un archivo de mapa de bits diseñado (BMP), como es demostrado usando un elemento CANVAS y JavaScript en un documento HTML para copiar estos contenidos desde versión 9.50 beta, un problema relacionado con CVE-2008-0420. • http://bugs.gentoo.org/show_bug.cgi?id=202770 http://lists.opensuse.org/opensuse-security-announce/2008-01/msg00001.html http://osvdb.org/42691 http://secunia.com/advisories/28169 http://secunia.com/advisories/28290 http://secunia.com/advisories/28314 http://security.gentoo.org/glsa/glsa-200712-22.xml http://securitytracker.com/id?1019435 http://www.opera.com/docs/changelogs/linux/925 http://www.opera.com/docs/changelogs/windows/925 http://www.opera.com/support/sear • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 10.0EPSS: 1%CPEs: 103EXPL: 0CVE-2007-5476
https://notcve.org/view.php?id=CVE-2007-5476
Unspecified vulnerability in Adobe Flash Player 9.0.47.0 and earlier, when running on Opera before 9.24 on Mac OS X, has unknown "Highly Severe" impact and unknown attack vectors. Vulnerabilidad no especificada en en Adobe Flash Player 9.0.47.0 y anteriores, cuando se ejecuta sobre Opera anterior a 9.24 en Mac OS X, tiene impacto "Altamente Severo" desconocido y vectores de ataque desconocidos. • http://docs.info.apple.com/article.html?artnum=307179 http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html http://secunia.com/advisories/28136 http://secunia.com/advisories/28161 http://secunia.com/advisories/30507 http://sunsolve.sun.com/search/document.do?assetkey=1-26-238305-1 http://www.adobe.com/support/security/advisories/apsa07-05.html http://www.adobe.com/support/security/bulletins/apsb07-20.html http://www.opera.com/support/search/view/868 http:&# •
CVSS: 7.5EPSS: 3%CPEs: 101EXPL: 0CVE-2007-5540
https://notcve.org/view.php?id=CVE-2007-5540
Unspecified vulnerability in Opera before 9.24 allows remote attackers to overwrite functions on pages from other domains and bypass the same-origin policy via unknown vectors. Vulnerabilidad no especificada en Opera anterior a 9.24 permite a atacantes remotos sobrescribir funciones en páginas de otros dominios y evitar la política de mismo-origen (same-origin) a través de vectores no especificados. • http://bugs.gentoo.org/show_bug.cgi?id=196164 http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00008.html http://osvdb.org/38127 http://secunia.com/advisories/27277 http://secunia.com/advisories/27399 http://secunia.com/advisories/27431 http://security.gentoo.org/glsa/glsa-200710-31.xml http://www.opera.com/support/search/view/867 http://www.securityfocus.com/bid/26102 http://www.vupen.com/english/advisories/2007/3529 • CWE-20: Improper Input Validation •
CVSS: 9.3EPSS: 1%CPEs: 101EXPL: 0CVE-2007-5541
https://notcve.org/view.php?id=CVE-2007-5541
Unspecified vulnerability in Opera before 9.24, when using an "external" newsgroup or e-mail client, allows remote attackers to execute arbitrary commands via unknown vectors. Vulnerabilidad no especificada en Opera anterior a 9.24, cuando se usa un cliente "externo" de grupos de noticias o correo electrónico, permite a atacantes remotos ejecutar comandos de su elección a través de vectores no especificados. • http://bugs.gentoo.org/show_bug.cgi?id=196164 http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00008.html http://osvdb.org/38126 http://secunia.com/advisories/27277 http://secunia.com/advisories/27399 http://secunia.com/advisories/27431 http://security.gentoo.org/glsa/glsa-200710-31.xml http://www.opera.com/support/search/view/866 http://www.securityfocus.com/bid/26100 http://www.vupen.com/english/advisories/2007/3529 https://exchange.xforce.ibmcloud.c • CWE-20: Improper Input Validation •