CVSS: 10.0EPSS: 1%CPEs: 103EXPL: 0CVE-2007-5476
https://notcve.org/view.php?id=CVE-2007-5476
Unspecified vulnerability in Adobe Flash Player 9.0.47.0 and earlier, when running on Opera before 9.24 on Mac OS X, has unknown "Highly Severe" impact and unknown attack vectors. Vulnerabilidad no especificada en en Adobe Flash Player 9.0.47.0 y anteriores, cuando se ejecuta sobre Opera anterior a 9.24 en Mac OS X, tiene impacto "Altamente Severo" desconocido y vectores de ataque desconocidos. • http://docs.info.apple.com/article.html?artnum=307179 http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html http://secunia.com/advisories/28136 http://secunia.com/advisories/28161 http://secunia.com/advisories/30507 http://sunsolve.sun.com/search/document.do?assetkey=1-26-238305-1 http://www.adobe.com/support/security/advisories/apsa07-05.html http://www.adobe.com/support/security/bulletins/apsb07-20.html http://www.opera.com/support/search/view/868 http:&# •
CVSS: 5.0EPSS: 0%CPEs: 10EXPL: 0CVE-2007-4944
https://notcve.org/view.php?id=CVE-2007-4944
The canvas.createPattern function in Opera 9.x before 9.22 for Linux, FreeBSD, and Solaris does not clear memory before using it to process a new pattern, which allows remote attackers to obtain sensitive information (memory contents) via JavaScript. La función canvas.createPattern de Opera 9.x versiones anteriores a 9.22 para Linux, FreeBSD, y Solaris no limpia la memoria antes de usarla para procesar un patrón nuevo, lo cual permite a atacantes remotos obtener información confidencial (contenidos de memoria) mediante JavaScript. • http://osvdb.org/45946 http://security.gentoo.org/glsa/glsa-200708-17.xml http://www.opera.com/docs/changelogs/freebsd/922 http://www.opera.com/docs/changelogs/linux/922 http://www.opera.com/docs/changelogs/solaris/922 http://www.opera.com/support/search/view/861 •
CVSS: 9.3EPSS: 7%CPEs: 1EXPL: 1CVE-2007-4367
https://notcve.org/view.php?id=CVE-2007-4367
Opera before 9.23 allows remote attackers to execute arbitrary code via crafted Javascript that triggers a "virtual function call on an invalid pointer." Opera anterior a 9.23 permite a atacantes remotos ejecutar código de su elección mediante Javascript modificado artesanalmente que provoca una "llamada a una función virtual en un puntero inválido". • http://lists.opensuse.org/opensuse-security-announce/2007-08/msg00006.html http://secunia.com/advisories/26477 http://secunia.com/advisories/26545 http://secunia.com/advisories/26635 http://security.gentoo.org/glsa/glsa-200708-17.xml http://www.opera.com/support/search/view/865 http://www.securityfocus.com/bid/25331 http://www.securitytracker.com/id?1018572 http://www.vupen.com/english/advisories/2007/2904 https://exchange.xforce.ibmcloud.com/vulnerabilities/36039 • CWE-763: Release of Invalid Pointer or Reference •
CVSS: 9.3EPSS: 5%CPEs: 1EXPL: 0CVE-2007-3929
https://notcve.org/view.php?id=CVE-2007-3929
Use-after-free vulnerability in the BitTorrent support in Opera before 9.22 allows user-assisted remote attackers to execute arbitrary code via a crafted header in a torrent file, which leaves a dangling pointer to an invalid object. Vulnerabilidad de "usar después de liberado" en el soporte de BitTorrent en Opera versiones anteriores a 9.22 permite a atacantes remotos con la complicidad del usuario ejecutar código de su elección mediante una cabecera manipulada en un fichero torrent, que deja un puntero apuntando a un objeto inválido. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=564 http://secunia.com/advisories/26138 http://secunia.com/advisories/26545 http://security.gentoo.org/glsa/glsa-200708-17.xml http://www.novell.com/linux/security/advisories/2007_15_sr.html http://www.opera.com/support/search/view/862 http://www.securityfocus.com/bid/24970 http://www.securitytracker.com/id?1018431 http://www.vupen.com/english/advisories/2007/2584 https://exchange.xforce.ibmcloud.com/vulnerabil • CWE-416: Use After Free •
CVSS: 9.3EPSS: 10%CPEs: 1EXPL: 0CVE-2007-2809
https://notcve.org/view.php?id=CVE-2007-2809
Buffer overflow in the transfer manager in Opera before 9.21 for Windows allows user-assisted remote attackers to execute arbitrary code via a crafted torrent file. NOTE: due to the lack of details, it is not clear if this is the same issue as CVE-2007-2274. Desbordamiento de búfer en el administrador de transferencias en Opera anterior a 9.21 para Windows permite a atacantes remotos con la intervención del usuario ejecutar código de su elección mediante un archivo torrent manipulado. NOTA: debido a la falta de detalles, no está claro si este es el mismo problema que CVE-2007-2274. • http://isc.sans.org/diary.html?storyid=2823 http://osvdb.org/36229 http://secunia.com/advisories/25278 http://securitytracker.com/id?1018089 http://www.opera.com/support/search/view/860 http://www.securityfocus.com/bid/24080 http://www.vupen.com/english/advisories/2007/1888 https://exchange.xforce.ibmcloud.com/vulnerabilities/34470 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •