Page 40 of 266 results (0.011 seconds)

CVSS: 9.3EPSS: 1%CPEs: 101EXPL: 0

Unspecified vulnerability in Opera before 9.24, when using an "external" newsgroup or e-mail client, allows remote attackers to execute arbitrary commands via unknown vectors. Vulnerabilidad no especificada en Opera anterior a 9.24, cuando se usa un cliente "externo" de grupos de noticias o correo electrónico, permite a atacantes remotos ejecutar comandos de su elección a través de vectores no especificados. • http://bugs.gentoo.org/show_bug.cgi?id=196164 http://lists.opensuse.org/opensuse-security-announce/2007-10/msg00008.html http://osvdb.org/38126 http://secunia.com/advisories/27277 http://secunia.com/advisories/27399 http://secunia.com/advisories/27431 http://security.gentoo.org/glsa/glsa-200710-31.xml http://www.opera.com/support/search/view/866 http://www.securityfocus.com/bid/26100 http://www.vupen.com/english/advisories/2007/3529 https://exchange.xforce.ibmcloud.c • CWE-20: Improper Input Validation •

CVSS: 10.0EPSS: 1%CPEs: 103EXPL: 0

Unspecified vulnerability in Adobe Flash Player 9.0.47.0 and earlier, when running on Opera before 9.24 on Mac OS X, has unknown "Highly Severe" impact and unknown attack vectors. Vulnerabilidad no especificada en en Adobe Flash Player 9.0.47.0 y anteriores, cuando se ejecuta sobre Opera anterior a 9.24 en Mac OS X, tiene impacto "Altamente Severo" desconocido y vectores de ataque desconocidos. • http://docs.info.apple.com/article.html?artnum=307179 http://lists.apple.com/archives/security-announce/2007/Dec/msg00002.html http://secunia.com/advisories/28136 http://secunia.com/advisories/28161 http://secunia.com/advisories/30507 http://sunsolve.sun.com/search/document.do?assetkey=1-26-238305-1 http://www.adobe.com/support/security/advisories/apsa07-05.html http://www.adobe.com/support/security/bulletins/apsb07-20.html http://www.opera.com/support/search/view/868 http:&# •

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

Opera 9 drops DNS pins based on failed connections to irrelevant TCP ports, which makes it easier for remote attackers to conduct DNS rebinding attacks, as demonstrated by a port 81 URL in an IMG SRC, when the DNS pin had been established for a session on port 80. Opera 9 descarta asignaciones DNS fijas basándose en conexiones fallidas a puertos TCP irrelevantes, lo cual facilita a atacantes remotos llevar a cabo ataques de revinculación DNS, como se ha demostrado mediante un URL con puerto 81 en un SRC de IMG, cuando la asignación DNS ha sido establecida para una sesión en el puerto 80. • http://crypto.stanford.edu/dns/dns-rebinding.pdf http://osvdb.org/45526 •

CVSS: 5.0EPSS: 0%CPEs: 10EXPL: 0

The canvas.createPattern function in Opera 9.x before 9.22 for Linux, FreeBSD, and Solaris does not clear memory before using it to process a new pattern, which allows remote attackers to obtain sensitive information (memory contents) via JavaScript. La función canvas.createPattern de Opera 9.x versiones anteriores a 9.22 para Linux, FreeBSD, y Solaris no limpia la memoria antes de usarla para procesar un patrón nuevo, lo cual permite a atacantes remotos obtener información confidencial (contenidos de memoria) mediante JavaScript. • http://osvdb.org/45946 http://security.gentoo.org/glsa/glsa-200708-17.xml http://www.opera.com/docs/changelogs/freebsd/922 http://www.opera.com/docs/changelogs/linux/922 http://www.opera.com/docs/changelogs/solaris/922 http://www.opera.com/support/search/view/861 •

CVSS: 9.3EPSS: 7%CPEs: 1EXPL: 1

Opera before 9.23 allows remote attackers to execute arbitrary code via crafted Javascript that triggers a "virtual function call on an invalid pointer." Opera anterior a 9.23 permite a atacantes remotos ejecutar código de su elección mediante Javascript modificado artesanalmente que provoca una "llamada a una función virtual en un puntero inválido". • http://lists.opensuse.org/opensuse-security-announce/2007-08/msg00006.html http://secunia.com/advisories/26477 http://secunia.com/advisories/26545 http://secunia.com/advisories/26635 http://security.gentoo.org/glsa/glsa-200708-17.xml http://www.opera.com/support/search/view/865 http://www.securityfocus.com/bid/25331 http://www.securitytracker.com/id?1018572 http://www.vupen.com/english/advisories/2007/2904 https://exchange.xforce.ibmcloud.com/vulnerabilities/36039 • CWE-763: Release of Invalid Pointer or Reference •