CVE-2004-1490
https://notcve.org/view.php?id=CVE-2004-1490
Opera 7.54 and earlier allows remote attackers to spoof file types in the download dialog via dots and non-breaking spaces (ASCII character code 160) in the (1) Content-Disposition or (2) Content-Type headers. • http://secunia.com/advisories/12981 http://secunia.com/secunia_research/2004-19/advisory http://www.gentoo.org/security/en/glsa/glsa-200502-17.xml http://www.opera.com/linux/changelogs/754u1 http://www.securityfocus.com/bid/11883 https://exchange.xforce.ibmcloud.com/vulnerabilities/18423 •
CVE-2004-2491 – Opera Web Browser 7.53 - Location Replace URI Obfuscation
https://notcve.org/view.php?id=CVE-2004-2491
A race condition in Opera web browser 7.53 Build 3850 causes Opera to fill in the address bar before the page has been loaded, which allows remote attackers to spoof the URL in the address bar via the window.open and location.replace HTML parameters, which facilitates phishing attacks. • https://www.exploit-db.com/exploits/24325 http://archives.neohapsis.com/archives/fulldisclosure/2004-07/1056.html http://secunia.com/advisories/12162 http://www.opera.com/windows/changelogs/754 http://www.osvdb.org/8317 http://www.securityfocus.com/bid/10810 https://exchange.xforce.ibmcloud.com/vulnerabilities/16816 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVE-2004-1201
https://notcve.org/view.php?id=CVE-2004-1201
Opera 7.54 allows remote attackers to cause a denial of service (application crash from memory exhaustion), as demonstrated using Javascript code that continuously creates nested arrays and then sorts the newly created arrays. • http://marc.info/?l=full-disclosure&m=110141347502530&w=2 http://marc.info/?l=full-disclosure&m=110144136213993&w=2 http://www.securityfocus.com/bid/11762 https://exchange.xforce.ibmcloud.com/vulnerabilities/18282 • CWE-400: Uncontrolled Resource Consumption •
CVE-2004-1615
https://notcve.org/view.php?id=CVE-2004-1615
Opera allows remote attackers to cause a denial of service (invalid memory reference and application crash) via a web page or HTML email that contains a TBODY tag with a large COL SPAN value, as demonstrated by mangleme. • http://lcamtuf.coredump.cx/mangleme/gallery http://lists.grok.org.uk/pipermail/full-disclosure/2004-October/027709.html http://marc.info/?l=bugtraq&m=109811406620511&w=2 http://www.securityfocus.com/bid/11441 https://exchange.xforce.ibmcloud.com/vulnerabilities/17806 •
CVE-2004-0537
https://notcve.org/view.php?id=CVE-2004-0537
Opera 7.50 and earlier allows remote web sites to provide a "Shortcut Icon" (favicon) that is wider than expected, which could allow the web sites to spoof a trusted domain and facilitate phishing attacks using a wide icon and extra spaces. Opera 7.50 y anteriores permite a sitios web remotos suministrar un "Icono de acceso directo" (favicon) que es más ancho de lo esperado, lo que podría permitir a los sitios web suplantar un dominio de confianza y facilitar ataques de phising usando un icono ancho y espacios extra. • http://lists.grok.org.uk/pipermail/full-disclosure/2004-June/022263.html http://marc.info/?l=bugtraq&m=108627581717738&w=2 http://osvdb.org/6590 http://secunia.com/advisories/11762 http://security.greymagic.com/security/advisories/gm007-op http://www.opera.com/linux/changelogs/751/index.dml http://www.securityfocus.com/bid/10452 https://exchange.xforce.ibmcloud.com/vulnerabilities/16307 •