Page 4 of 20 results (0.006 seconds)

CVSS: 5.0EPSS: 1%CPEs: 1EXPL: 0

Buffer overflow in Opera 6.01 allows remote attackers to cause a denial of service (crash) via an IMG tag with large width and height attributes. • http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2002-09/0167.html http://www.iss.net/security_center/static/10126.php http://www.securityfocus.com/bid/5717 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 4.3EPSS: 0%CPEs: 8EXPL: 3

Cross-site scripting (XSS) vulnerability in the FTP view feature in Opera 6.0 and 6.01 through 6.04 allows remote attackers to inject arbitrary web script or HTML via the title tag of an FTP URL. • https://www.exploit-db.com/exploits/21681 http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0061.html http://online.securityfocus.com/archive/1/286151 http://www.iss.net/security_center/static/9757.php http://www.opera.com/windows/changelogs/605/?session=b2a9ea38c710788c23970ba2c9a34d47 http://www.securityfocus.com/bid/5401 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 3

Opera 6.0.1 and 6.0.2 allows a remote web site to upload arbitrary files from the client system, without prompting the client, via an input type=file tag whose value contains a newline. Opera 6.0.1 y 6.0.2 permite a un sitio web remoto cargar ficheros arbitrarios del sistema cliente, sin preguntar al cliente, mediante una etiqueta <input type=file> que contiene un carácter de nueva línea. • https://www.exploit-db.com/exploits/21483 http://marc.info/?l=ntbugtraq&m=102256058220402&w=2 http://online.securityfocus.com/archive/1/274202 http://www.iss.net/security_center/static/9188.php http://www.opera.com/windows/changelog/log603.html http://www.securityfocus.com/bid/4834 •

CVSS: 7.5EPSS: 6%CPEs: 13EXPL: 1

Netscape 6.2.3 and earlier, and Mozilla 1.0.1, allow remote attackers to corrupt heap memory and execute arbitrary code via a GIF image with a zero width. • http://bugzilla.mozilla.org/show_bug.cgi?id=157989 http://crash.ihug.co.nz/~Sneuro/zerogif http://marc.info/?l=bugtraq&m=103134051120770&w=2 http://www.iss.net/security_center/static/10058.php http://www.mandrakesoft.com/security/advisories?name=MDKSA-2002:075 http://www.redhat.com/support/errata/RHSA-2002-192.html http://www.redhat.com/support/errata/RHSA-2003-046.html http://www.securityfocus.com/bid/5665 https://access.redhat.com/security/cve/CVE-2002-1091 h •

CVSS: 7.5EPSS: 3%CPEs: 6EXPL: 3

Opera 6.01, 6.0, and 5.12 allows remote attackers to execute arbitrary JavaScript in the security context of other sites by setting the location of a frame or iframe to a Javascript: URL. • https://www.exploit-db.com/exploits/21451 http://archives.neohapsis.com/archives/bugtraq/2002-05/0117.html http://www.iss.net/security_center/static/9096.php http://www.securityfocus.com/bid/4745 •