CVSS: 2.6EPSS: 0%CPEs: 1EXPL: 1CVE-2004-1489
https://notcve.org/view.php?id=CVE-2004-1489
Opera 7.54 and earlier does not properly limit an applet's access to internal Java packages from Sun, which allows remote attackers to gain sensitive information, such as user names and the installation directory. • http://lists.grok.org.uk/pipermail/full-disclosure/2004-November/029044.html http://www.gentoo.org/security/en/glsa/glsa-200502-17.xml http://www.opera.com/linux/changelogs/754u1 • CWE-668: Exposure of Resource to Wrong Sphere •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 1CVE-2004-1201
https://notcve.org/view.php?id=CVE-2004-1201
Opera 7.54 allows remote attackers to cause a denial of service (application crash from memory exhaustion), as demonstrated using Javascript code that continuously creates nested arrays and then sorts the newly created arrays. • http://marc.info/?l=full-disclosure&m=110141347502530&w=2 http://marc.info/?l=full-disclosure&m=110144136213993&w=2 http://www.securityfocus.com/bid/11762 https://exchange.xforce.ibmcloud.com/vulnerabilities/18282 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 2.6EPSS: 0%CPEs: 1EXPL: 1CVE-2004-1615
https://notcve.org/view.php?id=CVE-2004-1615
Opera allows remote attackers to cause a denial of service (invalid memory reference and application crash) via a web page or HTML email that contains a TBODY tag with a large COL SPAN value, as demonstrated by mangleme. • http://lcamtuf.coredump.cx/mangleme/gallery http://lists.grok.org.uk/pipermail/full-disclosure/2004-October/027709.html http://marc.info/?l=bugtraq&m=109811406620511&w=2 http://www.securityfocus.com/bid/11441 https://exchange.xforce.ibmcloud.com/vulnerabilities/17806 •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2004-0537
https://notcve.org/view.php?id=CVE-2004-0537
Opera 7.50 and earlier allows remote web sites to provide a "Shortcut Icon" (favicon) that is wider than expected, which could allow the web sites to spoof a trusted domain and facilitate phishing attacks using a wide icon and extra spaces. Opera 7.50 y anteriores permite a sitios web remotos suministrar un "Icono de acceso directo" (favicon) que es más ancho de lo esperado, lo que podría permitir a los sitios web suplantar un dominio de confianza y facilitar ataques de phising usando un icono ancho y espacios extra. • http://lists.grok.org.uk/pipermail/full-disclosure/2004-June/022263.html http://marc.info/?l=bugtraq&m=108627581717738&w=2 http://osvdb.org/6590 http://secunia.com/advisories/11762 http://security.greymagic.com/security/advisories/gm007-op http://www.opera.com/linux/changelogs/751/index.dml http://www.securityfocus.com/bid/10452 https://exchange.xforce.ibmcloud.com/vulnerabilities/16307 •
CVSS: 2.6EPSS: 71%CPEs: 1EXPL: 0CVE-2004-0473
https://notcve.org/view.php?id=CVE-2004-0473
Argument injection vulnerability in Opera before 7.50 does not properly filter "-" characters that begin a hostname in a telnet URI, which allows remote attackers to insert options to the resulting command line and overwrite arbitrary files via (1) the "-f" option on Windows XP or (2) the "-n" option on Linux. El navegador Web Opera no filtra adecuadamente caractéres "-" en el comienzo de un nombre de máquina en una URI telnet, lo que permite a atacantes remotos insertar opciones en la linea de comandos resultante y sobreescribir ficheros de su elección mediante la opción "-f" en Windows XP o "-n" en Linux. • http://security.gentoo.org/glsa/glsa-200405-19.xml http://securitytracker.com/id?1010142 http://www.idefense.com/application/poi/display?id=104&type=vulnerabilities http://www.opera.com/linux/changelogs/750/index.dml http://www.securityfocus.com/bid/10341 https://exchange.xforce.ibmcloud.com/vulnerabilities/16139 • CWE-88: Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') •