CVSS: 9.1EPSS: 0%CPEs: 123EXPL: 0CVE-2011-4682 – Gentoo Linux Security Advisory 201206-03
https://notcve.org/view.php?id=CVE-2011-4682
07 Dec 2011 — The JavaScript engine in Opera before 11.60 does not properly implement the in operator, which allows remote attackers to bypass the Same Origin Policy via vectors related to variables on different web sites. El motor JavaScript en Opera antes de v11.60, no implementa adecuadamente el operador, lo que permite a atacantes remotos evitar la política del mismo origen (Same Origin Policy) a través de vectores relacionados con las variables en diferentes sitios web. Multiple vulnerabilities have been found in Op... • http://www.opera.com/docs/changelogs/mac/1160 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 10.0EPSS: 0%CPEs: 123EXPL: 0CVE-2011-4683 – Gentoo Linux Security Advisory 201206-03
https://notcve.org/view.php?id=CVE-2011-4683
07 Dec 2011 — Unspecified vulnerability in Opera before 11.60 has unknown impact and attack vectors, related to a "moderately severe issue." Vulnerabilidad no especificada en Opera antes de v11.60, tiene un impacto no especificado y vectores de ataque relacionados con un "problema moderadamente severo" ("moderately severe issue"). Multiple vulnerabilities have been found in Opera, the worst of which allow for the execution of arbitrary code. Versions less than 12.00.1467 are affected. • http://www.opera.com/docs/changelogs/mac/1160 •
CVSS: 9.1EPSS: 1%CPEs: 120EXPL: 0CVE-2011-3388 – Gentoo Linux Security Advisory 201206-03
https://notcve.org/view.php?id=CVE-2011-3388
06 Sep 2011 — Opera before 11.51 allows remote attackers to cause an insecure site to appear secure or trusted via unspecified actions related to Extended Validation and loading content from trusted sources in an unspecified sequence that causes the address field and page information dialog to contain security information based on the trusted site, instead of the insecure site. Opera antes de v11.51 permite a atacantes remotos provocar un sitio inseguro que ser seguro o de confianza a través de acciones no especificadas ... • http://osvdb.org/74828 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 5%CPEs: 24EXPL: 1CVE-2011-3389 – SSL/TLS Version Detection
https://notcve.org/view.php?id=CVE-2011-3389
06 Sep 2011 — The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HTTP headers via a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses (1) the HTML5 WebSocket API, (2) the Java URLConnection API, or (3) the Silverlight WebClie... • https://github.com/mpgn/BEAST-PoC • CWE-298: Improper Validation of Certificate Expiration CWE-319: Cleartext Transmission of Sensitive Information CWE-326: Inadequate Encryption Strength CWE-327: Use of a Broken or Risky Cryptographic Algorithm CWE-328: Use of Weak Hash •
CVSS: 7.5EPSS: 2%CPEs: 121EXPL: 0CVE-2011-1337 – Gentoo Linux Security Advisory 201206-03
https://notcve.org/view.php?id=CVE-2011-1337
01 Jul 2011 — Opera before 11.50 allows remote attackers to cause a denial of service (disk consumption) via invalid URLs that trigger creation of error pages. Opera anterior a v11.50 permite a atacantes remotos causar una denegación de servicio (consumo de disco) a través de direcciones URL no válidas que desencadenan la creación de páginas de error. Multiple vulnerabilities have been found in Opera, the worst of which allow for the execution of arbitrary code. Versions less than 12.00.1467 are affected. • http://jvn.jp/en/jp/JVN47757122/index.html • CWE-399: Resource Management Errors •
CVSS: 6.1EPSS: 0%CPEs: 121EXPL: 0CVE-2011-2609 – Gentoo Linux Security Advisory 201206-03
https://notcve.org/view.php?id=CVE-2011-2609
01 Jul 2011 — Opera before 11.50 does not properly restrict data: URIs, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted web site. Opera anterior a v11.50 no restringe los datos correctamente: URIs, lo que hace más fácil para los atacantes remotos realizar ataques cross-site scripting (XSS) a través de un sitio web manipulado. Multiple vulnerabilities have been found in Opera, the worst of which allow for the execution of arbitrary code. Versions less than 12.00.1467 ... • http://secunia.com/advisories/45060 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 10.0EPSS: 0%CPEs: 121EXPL: 0CVE-2011-2610 – Gentoo Linux Security Advisory 201206-03
https://notcve.org/view.php?id=CVE-2011-2610
01 Jul 2011 — Unspecified vulnerability in Opera before 11.50 has unknown impact and attack vectors, related to a "moderately severe issue." Vulnerabilidad no especificada en Opera anterior a v11.50 tiene un impacto y vectores de ataque desconocidos, en relación con un "problema de gravedad moderada". Multiple vulnerabilities have been found in Opera, the worst of which allow for the execution of arbitrary code. Versions less than 12.00.1467 are affected. • http://www.opera.com/docs/changelogs/mac/1150 •
CVSS: 6.5EPSS: 0%CPEs: 121EXPL: 0CVE-2011-2611 – Gentoo Linux Security Advisory 201206-03
https://notcve.org/view.php?id=CVE-2011-2611
01 Jul 2011 — Unspecified vulnerability in the printing functionality in Opera before 11.50 allows user-assisted remote attackers to cause a denial of service (application crash) via a crafted web page. Vulnerabilidad no especificada en la funcionalidad de impresión de Opera anterior a v11.50 le permite al usuario asistido a atacantes remotos provocar una denegación de servicio (caída de la aplicación) a través de una página web manipulada. Multiple vulnerabilities have been found in Opera, the worst of which allow for t... • http://www.opera.com/docs/changelogs/mac/1150 •
CVSS: 6.5EPSS: 0%CPEs: 121EXPL: 0CVE-2011-2612 – Gentoo Linux Security Advisory 201206-03
https://notcve.org/view.php?id=CVE-2011-2612
01 Jul 2011 — Unspecified vulnerability in Opera before 11.50 allows remote attackers to cause a denial of service (application crash) via unknown content on a web page, as demonstrated by progorod.ru. Vulnerabilidad no especificada en Opera anterior a v11.50 permite a atacantes remotos causar una denegación de servicio (caída de la aplicación) a través de contenidos desconocidos en una página web, como lo demuestra progorod.ru. Multiple vulnerabilities have been found in Opera, the worst of which allow for the execution... • http://www.opera.com/docs/changelogs/mac/1150 •
CVSS: 7.5EPSS: 0%CPEs: 121EXPL: 0CVE-2011-2613 – Gentoo Linux Security Advisory 201206-03
https://notcve.org/view.php?id=CVE-2011-2613
01 Jul 2011 — The Array.prototype.join method in Opera before 11.50 allows remote attackers to cause a denial of service (application crash) via a non-array object that contains initial holes. El método Array.prototype.join de Opera anterior a v11.50 permite a atacantes remotos causar una denegación de servicio (caída de la aplicación) a través de un objeto non-array que contiene los puntos iniciales. Multiple vulnerabilities have been found in Opera, the worst of which allow for the execution of arbitrary code. Versions... • http://www.opera.com/docs/changelogs/mac/1150 • CWE-399: Resource Management Errors •