Page 44 of 270 results (0.006 seconds)

CVSS: 6.4EPSS: 1%CPEs: 2EXPL: 1

CVE-2007-0802

https://notcve.org/view.php?id=CVE-2007-0802

Mozilla Firefox 2.0.0.1 allows remote attackers to bypass the Phishing Protection mechanism by adding certain characters to the end of the domain name, as demonstrated by the "." and "/" characters, which is not caught by the Phishing List blacklist filter. Mozilla Firefox 2.0.0.1 permite a atacantes remotos evitar el mecanismo de Protección de Phising añadiendo caracteres concretos al final del nombre de dominio, como se demuestra con los caractere "." y "/", que no se capturan por el filtro de lista negra Lista de Phising. • http://archives.neohapsis.com/archives/fulldisclosure/2007-04/0516.html http://kaneda.bohater.net/security/20070111-firefox_2.0.0.1_bypass_phishing_protection.php http://osvdb.org/33705 http://www.securityfocus.com/archive/1/459265/100/0/threaded https://bugzilla.mozilla.org/show_bug.cgi?id=367538 • CWE-20: Improper Input Validation •

CVSS: 4.3EPSS: 0%CPEs: 105EXPL: 1

CVE-2006-6955

https://notcve.org/view.php?id=CVE-2006-6955

Opera allows remote attackers to cause a denial of service (application crash) via a web page that contains a large number of nested marquee tags, a related issue to CVE-2006-2723. Opera permite a atacantes remotos provocar una denegación de servicio (cierre de aplicación) mediante una página web que contiene un gran número de etiquetas de marquesina anidadas, un problema relacionado con CVE-2006-2723. • http://archives.neohapsis.com/archives/bugtraq/2006-06/0085.html https://exchange.xforce.ibmcloud.com/vulnerabilities/26898 • CWE-20: Improper Input Validation •

CVSS: 9.3EPSS: 16%CPEs: 94EXPL: 0

CVE-2007-0127

https://notcve.org/view.php?id=CVE-2007-0127

The Javascript SVG support in Opera before 9.10 does not properly validate object types in a createSVGTransformFromMatrix request, which allows remote attackers to execute arbitrary code via JavaScript code that uses an invalid object in this request that causes a controlled pointer to be referenced during the virtual function call. El soporte para Javascript SVG en Opera anterior a 9.10 no valida adecuadamente los tipos de objeto en una petición createSVGTransformFromMatrix, lo cual permite a atacantes remotos ejecutar código de su elección mediante código JavaScript que utiliza un objeto inválido en esta petición que provoca que un puntero controlado sea referenciado durante la llamada a la función virtual. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=458 http://lists.suse.com/archive/suse-security-announce/2007-Jan/0009.html http://osvdb.org/31575 http://secunia.com/advisories/23613 http://secunia.com/advisories/23739 http://secunia.com/advisories/23771 http://securitytracker.com/id?1017473 http://www.gentoo.org/security/en/glsa/glsa-200701-08.xml http://www.opera.com/support/search/supsearch.dml?index=851 http://www.vupen.com/english/advisories/2007/0 • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 9.3EPSS: 16%CPEs: 1EXPL: 1

CVE-2007-0126 – Opera 9.10 - '.jpg' Image DHT Marker Heap Corruption

https://notcve.org/view.php?id=CVE-2007-0126

Heap-based buffer overflow in Opera 9.02 allows remote attackers to execute arbitrary code via a JPEG file with an invalid number of index bytes in the Define Huffman Table (DHT) marker. Desbordamiento de búfer basado en montón en Opera 9.02 permite a atacantes remotos ejecutar código de su elección mediante un archivo JPEG con un número inválido de bytes de índice en el marcador de Definición de Tabla Huffman (Define Huffman Table o DHT). • https://www.exploit-db.com/exploits/3101 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=457 http://lists.suse.com/archive/suse-security-announce/2007-Jan/0009.html http://osvdb.org/31574 http://secunia.com/advisories/23613 http://secunia.com/advisories/23739 http://secunia.com/advisories/23771 http://securitytracker.com/id?1017473 http://www.gentoo.org/security/en/glsa/glsa-200701-08.xml http://www.opera.com/support/search/supsearch.dml?index=852 http • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 5.1EPSS: 29%CPEs: 2EXPL: 0

CVE-2006-4819

https://notcve.org/view.php?id=CVE-2006-4819

Heap-based buffer overflow in Opera 9.0 and 9.01 allows remote attackers to execute arbitrary code via a long URL in a tag (long link address). Desbordamiento de búfer basado en montículo en Opera 9.0 y 9.01 permite a atacantes remotos ejecutar código de su elección mediante una URL larga en una etiqueta (dirección de enlace larga). • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=424 http://secunia.com/advisories/22218 http://secunia.com/advisories/22509 http://securitytracker.com/id?1017080 http://www.kb.cert.org/vuls/id/484380 http://www.novell.com/linux/security/advisories/2006_61_opera.html http://www.opera.com/support/search/supsearch.dml?index=848 http://www.securityfocus.com/bid/20591 http://www.vupen.com/english/advisories/2006/4066 https://exchange.xforce.ibmcloud.com/vulnerabi • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •