Page 39 of 193 results (0.007 seconds)

CVSS: 5.0EPSS: 1%CPEs: 84EXPL: 0

The mail client in Opera before 8.50 opens attached files from the user's cache directory without warning the user, which might allow remote attackers to inject arbitrary web script and spoof attachment filenames. • http://marc.info/?l=bugtraq&m=112724692219695&w=2 http://secunia.com/advisories/16645 http://secunia.com/secunia_research/2005-42/advisory http://www.opera.com/docs/changelogs/linux/850 http://www.opera.com/docs/changelogs/windows/850 http://www.osvdb.org/19508 http://www.securityfocus.com/advisories/9339 http://www.securityfocus.com/bid/14880 http://www.vupen.com/english/advisories/2005/1789 https://exchange.xforce.ibmcloud.com/vulnerabilities/22335 •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1

Opera 8 Beta 3, when using first-generation vetted digital certificates, displays the Organizational information of an SSL certificate, which is easily spoofed and can facilitate phishing attacks. • http://www.geotrust.com/resources/advisory/sslorg/index.htm http://www.geotrust.com/resources/advisory/sslorg/sslorg-advisory.htm http://www.novell.com/linux/security/advisories/2005_31_opera.html http://www.securityfocus.com/bid/13176 https://exchange.xforce.ibmcloud.com/vulnerabilities/40503 •

CVSS: 5.0EPSS: 4%CPEs: 35EXPL: 1

Opera 7.54 and earlier uses kfmclient exec to handle unknown MIME types, which allows remote attackers to execute arbitrary code via a shortcut or launcher that contains an Exec entry. • https://www.exploit-db.com/exploits/24828 http://lists.suse.com/archive/suse-security-announce/2005-Mar/0007.html http://secunia.com/advisories/13447 http://www.gentoo.org/security/en/glsa/glsa-200502-17.xml http://www.opera.com/linux/changelogs/754u2 http://www.securityfocus.com/bid/11901 http://www.zone-h.org/advisories/read/id=6503 https://exchange.xforce.ibmcloud.com/vulnerabilities/18457 •