Page 9 of 133 results (0.009 seconds)

CVSS: 6.4EPSS: 1%CPEs: 124EXPL: 0

Opera before 11.62 on Mac OS X allows remote attackers to spoof the address field and security dialogs via crafted styling that causes page content to be displayed outside of the intended content area. Opera antes de v11.62 en Mac OS X permite a atacantes remotos falsificar el campo de dirección y los cuadros de diálogo de seguridad a través de un estilo hecho a mano que hace que el contenido de la página se muestre fuera del área de contenido deseado. • http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00012.html http://secunia.com/advisories/48535 http://www.opera.com/docs/changelogs/mac/1162 http://www.opera.com/docs/changelogs/windows/1162 http://www.opera.com/support/kb/view/1009 http://www.opera.com/support/kb/view/1013 https://exchange.xforce.ibmcloud.com/vulnerabilities/74352 • CWE-20: Improper Input Validation •

CVSS: 6.4EPSS: 1%CPEs: 126EXPL: 0

Opera before 11.62 allows remote attackers to spoof the address field by triggering the launch of a dialog window associated with a different domain. Opera antes de v11.62 permite a atacantes remotos falsificar el campo de la dirección lanzando una ventana de diálogo asociado a un dominio diferente. • http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00012.html http://osvdb.org/80623 http://secunia.com/advisories/48535 http://www.opera.com/docs/changelogs/mac/1162 http://www.opera.com/docs/changelogs/unix/1162 http://www.opera.com/docs/changelogs/windows/1162 http://www.opera.com/support/kb/view/1013 https://exchange.xforce.ibmcloud.com/vulnerabilities/74502 • CWE-20: Improper Input Validation •

CVSS: 5.0EPSS: 0%CPEs: 126EXPL: 0

Opera before 11.62 allows remote attackers to bypass the Same Origin Policy via the (1) history.pushState and (2) history.replaceState functions in conjunction with cross-domain frames, leading to unintended read access to history.state information. Opera antes de v11.62 permite a atacantes remotos evitar la política de mismo origen a través de las funciones (1) history.pushState y (2) history.replaceState junto con marcos de dominios cruzados, dando lugar a un acceso de lectura no intencionado a la información de history.state. • http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00012.html http://osvdb.org/80622 http://secunia.com/advisories/48535 http://www.opera.com/docs/changelogs/mac/1162 http://www.opera.com/docs/changelogs/unix/1162 http://www.opera.com/docs/changelogs/windows/1162 http://www.opera.com/support/kb/view/1012 https://exchange.xforce.ibmcloud.com/vulnerabilities/74351 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 5.0EPSS: 0%CPEs: 125EXPL: 1

Multiple integer overflows in Opera 11.60 and earlier allow remote attackers to cause a denial of service (application crash) via a large integer argument to the (1) Int32Array, (2) Float32Array, (3) Float64Array, (4) Uint32Array, (5) Int16Array, or (6) ArrayBuffer function. NOTE: the vendor reportedly characterizes this as "a stability issue, not a security issue." Múltiples desbordamientos de enteros en Opera v11.60 y anteriores permiten a atacantes remotos causar una denegación de servicio (caída de la aplicación) a través de un argumento entero demasiado grande a las funciones (1) Int32Array, (2) Float32Array, (3) Float64Array, (4) Uint32Array, (5 ) Int16Array, o (6) ArrayBuffer. NOTA: El proveedor indica que "se trata de un problema de estabilidad, no un problema de seguridad". • http://blog.vulnhunt.com/index.php/2012/02/02/cal-2012-0004-opera-array-integer-overflow https://exchange.xforce.ibmcloud.com/vulnerabilities/73027 • CWE-189: Numeric Errors •

CVSS: 10.0EPSS: 0%CPEs: 123EXPL: 1

Opera before 11.60 does not properly handle certificate revocation, which has unspecified impact and remote attack vectors related to "corner cases." Opera antes de v11.60 no maneja correctamente la revocación de certificados, lo que tiene un impacto no especificado y vectores de ataque remotos relacionados con "casos extremos" ("corner cases") • https://www.exploit-db.com/exploits/36443 http://www.opera.com/docs/changelogs/mac/1160 http://www.opera.com/docs/changelogs/unix/1160 http://www.opera.com/docs/changelogs/windows/1160 • CWE-310: Cryptographic Issues •