Page 41 of 229 results (0.009 seconds)

CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 5

Opera 8.02 and earlier allows remote attackers to cause a denial of service (client crash) via (1) a crafted HTML file with a "content: url(0);" style attribute, a "bodyA" tag, a long string, and a "u" tag with a long attribute, as demonstrated by opera.html; and (2) a BGSOUND element with a "margin:-99;" STYLE attribute. • https://www.exploit-db.com/exploits/1254 https://www.exploit-db.com/exploits/1255 http://securitytracker.com/id?1015067 http://www.addict3d.org/index.php?page=viewarticle&type=security&ID=5054 http://www.addict3d.org/index.php?page=viewarticle&type=security&ID=5055 •

CVSS: 5.0EPSS: 1%CPEs: 1EXPL: 1

Opera before 8.51, when running on Windows with Input Method Editor (IME) installed, allows remote attackers to cause a denial of service (persistent application crash) by bookmarking a site with a long title. • http://secunia.com/advisories/17963 http://www.opera.com/support/search/supsearch.dml?index=821 http://www.osvdb.org/21641 http://www.securityfocus.com/bid/15813 http://www.vupen.com/english/advisories/2005/2846 https://exchange.xforce.ibmcloud.com/vulnerabilities/23549 •

CVSS: 7.5EPSS: 11%CPEs: 1EXPL: 0

Opera before 8.51 on Linux and Unix systems allows remote attackers to execute arbitrary code via shell metacharacters (backticks) in a URL that another product provides in a command line argument when launching Opera. Opera anterior a 8.51 en sistemas Linux y Unix permite a atacantes remotos ejecutar código de su elección mediante metacaractérs de 'shell' ('backticks') en una URL que otro producto provee en un argumento de línea de comandos cuando se lanza Opera. • http://archives.neohapsis.com/archives/fulldisclosure/2005-11/0677.html http://secunia.com/advisories/16907 http://secunia.com/advisories/18111 http://secunia.com/secunia_research/2005-57/advisory http://securityreason.com/securityalert/199 http://securitytracker.com/id?1015253 http://www.gentoo.org/security/en/glsa/glsa-200512-10.xml http://www.novell.com/linux/security/advisories/2005_28_sr.html http://www.opera.com/docs/changelogs/linux/851 http://www.osvdb.org/21003 http&# • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •

CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0

Unspecified "drag-and-drop vulnerability" in Opera Web Browser before 8.50 on Windows allows "unintentional file uploads." • http://www.opera.com/docs/changelogs/windows/850 http://www.securityfocus.com/bid/14884 http://www.vupen.com/english/advisories/2005/1789 •

CVSS: 2.6EPSS: 3%CPEs: 1EXPL: 0

Opera before 8.50 allows remote attackers to spoof the content type of files via a filename with a trailing "." (dot), which might allow remote attackers to trick users into processing dangerous content. • http://marc.info/?l=bugtraq&m=112724692219695&w=2 http://secunia.com/advisories/16645 http://secunia.com/secunia_research/2005-42/advisory http://www.opera.com/docs/changelogs/linux/850 http://www.opera.com/docs/changelogs/windows/850 http://www.osvdb.org/19509 http://www.securityfocus.com/advisories/9339 http://www.securityfocus.com/bid/14880 http://www.vupen.com/english/advisories/2005/1789 https://exchange.xforce.ibmcloud.com/vulnerabilities/22337 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •