Page 49 of 259 results (0.006 seconds)

CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 1

The Javascript engine in Opera 7.23 allows remote attackers to cause a denial of service (crash) by creating a new Array object with a large size value, then writing into that array. • http://marc.info/?l=bugtraq&m=107936810909082&w=2 http://www.securityfocus.com/bid/9869 https://exchange.xforce.ibmcloud.com/vulnerabilities/15413 •

CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0

Opera Browser 7.23, and other versions before 7.50, updates the address bar as soon as the user clicks a link, which allows remote attackers to redirect to other sites via the onUnload attribute. • http://secunia.com/advisories/11532 http://secunia.com/secunia_research/2004-2/advisory http://www.osvdb.org/6108 http://www.securityfocus.com/bid/10337 https://exchange.xforce.ibmcloud.com/vulnerabilities/16131 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •

CVSS: 2.6EPSS: 0%CPEs: 1EXPL: 0

Opera 7.54 and earlier allows remote attackers to spoof file types in the download dialog via dots and non-breaking spaces (ASCII character code 160) in the (1) Content-Disposition or (2) Content-Type headers. • http://secunia.com/advisories/12981 http://secunia.com/secunia_research/2004-19/advisory http://www.gentoo.org/security/en/glsa/glsa-200502-17.xml http://www.opera.com/linux/changelogs/754u1 http://www.securityfocus.com/bid/11883 https://exchange.xforce.ibmcloud.com/vulnerabilities/18423 •

CVSS: 2.6EPSS: 1%CPEs: 1EXPL: 4

A race condition in Opera web browser 7.53 Build 3850 causes Opera to fill in the address bar before the page has been loaded, which allows remote attackers to spoof the URL in the address bar via the window.open and location.replace HTML parameters, which facilitates phishing attacks. • https://www.exploit-db.com/exploits/24325 http://archives.neohapsis.com/archives/fulldisclosure/2004-07/1056.html http://secunia.com/advisories/12162 http://www.opera.com/windows/changelogs/754 http://www.osvdb.org/8317 http://www.securityfocus.com/bid/10810 https://exchange.xforce.ibmcloud.com/vulnerabilities/16816 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •

CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 1

Opera 7.54 allows remote attackers to cause a denial of service (application crash from memory exhaustion), as demonstrated using Javascript code that continuously creates nested arrays and then sorts the newly created arrays. • http://marc.info/?l=full-disclosure&m=110141347502530&w=2 http://marc.info/?l=full-disclosure&m=110144136213993&w=2 http://www.securityfocus.com/bid/11762 https://exchange.xforce.ibmcloud.com/vulnerabilities/18282 • CWE-400: Uncontrolled Resource Consumption •