Opera

Opera Browser

282 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2009-2540

Exploit
  • EPSS 1.32%
  • Published 20.07.2009 18:30:01
  • Last modified 09.04.2025 00:30:58

Opera, possibly 9.64 and earlier, allows remote attackers to cause a denial of service (memory consumption) via a large integer value for the length property of a Select object, a related issue to CVE-2009-1692.

4.3

CVE-2009-2351

Exploit
  • EPSS 0.29%
  • Published 07.07.2009 23:30:00
  • Last modified 09.04.2025 00:30:58

Opera 9.52 and earlier does not block javascript: URIs in Refresh headers in HTTP responses, which allows remote attackers to conduct cross-site scripting (XSS) attacks via vectors related to (1) injecting a Refresh header or (2) specifying the conte...

6.8

CVE-2009-2059

Exploit
  • EPSS 0.24%
  • Published 15.06.2009 19:30:05
  • Last modified 09.04.2025 00:30:58

Opera, possibly before 9.25, uses the HTTP Host header to determine the context of a document provided in a (1) 4xx or (2) 5xx CONNECT response from a proxy server, which allows man-in-the-middle attackers to execute arbitrary web script by modifying...

6.8

CVE-2009-2063

  • EPSS 0.27%
  • Published 15.06.2009 19:30:05
  • Last modified 09.04.2025 00:30:58

Opera, possibly before 9.25, processes a 3xx HTTP CONNECT response before a successful SSL handshake, which allows man-in-the-middle attackers to execute arbitrary web script, in an https site's context, by modifying this CONNECT response to specify ...

6.8

CVE-2009-2067

  • EPSS 0.27%
  • Published 15.06.2009 19:30:05
  • Last modified 09.04.2025 00:30:58

Opera detects http content in https web pages only when the top-level frame uses https, which allows man-in-the-middle attackers to execute arbitrary web script, in an https site's context, by modifying an http page to include an https iframe that re...

6.8

CVE-2009-2070

  • EPSS 0.14%
  • Published 15.06.2009 19:30:05
  • Last modified 09.04.2025 00:30:58

Opera displays a cached certificate for a (1) 4xx or (2) 5xx CONNECT response page returned by a proxy server, which allows man-in-the-middle attackers to spoof an arbitrary https site by letting a browser obtain a valid certificate from this site du...

9.3

CVE-2009-1599

  • EPSS 0.24%
  • Published 11.05.2009 15:30:00
  • Last modified 09.04.2025 00:30:58

Opera executes DOM calls in response to a javascript: URI in the target attribute of a submit element within a form contained in an inline PDF file, which might allow remote attackers to bypass intended Adobe Acrobat JavaScript restrictions on access...

4.3

CVE-2009-1234

Exploit
  • EPSS 16.57%
  • Published 02.04.2009 17:30:00
  • Last modified 09.04.2025 00:30:58

Opera 9.64 allows remote attackers to cause a denial of service (application crash) via an XML document containing a long series of start-tags with no corresponding end-tags. NOTE: it was later reported that 9.52 is also affected.

9.3

CVE-2009-0914

  • EPSS 10.24%
  • Published 16.03.2009 19:30:00
  • Last modified 09.04.2025 00:30:58

Opera before 9.64 allows remote attackers to execute arbitrary code via a crafted JPEG image that triggers memory corruption.

6.8

CVE-2009-0915

  • EPSS 1.26%
  • Published 16.03.2009 19:30:00
  • Last modified 09.04.2025 00:30:58

Opera before 9.64 allows remote attackers to conduct cross-domain scripting attacks via unspecified vectors related to plug-ins.