Opera

Opera Browser

282 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 2.73%
  • Veröffentlicht 16.09.2004 04:00:00
  • Zuletzt bearbeitet 16.06.2026 22:06:33

Opera does not prevent cookies that are sent over an insecure channel (HTTP) from also being sent over a secure channel (HTTPS/SSL) in the same domain, which could allow remote attackers to steal cookies and conduct unauthorized activities, aka "Cros...

  • EPSS 2.26%
  • Veröffentlicht 06.08.2004 04:00:00
  • Zuletzt bearbeitet 16.06.2026 22:05:50

Opera 7.50 and earlier allows remote web sites to provide a "Shortcut Icon" (favicon) that is wider than expected, which could allow the web sites to spoof a trusted domain and facilitate phishing attacks using a wide icon and extra spaces.

  • EPSS 2.19%
  • Veröffentlicht 27.07.2004 04:00:00
  • Zuletzt bearbeitet 16.06.2026 22:06:13

Opera 7.51 for Windows and 7.50 for Linux does not properly prevent a frame in one domain from injecting content into a frame that belongs to another domain, which facilitates web site spoofing and other attacks, aka the frame injection vulnerability...

  • EPSS 2.45%
  • Veröffentlicht 07.07.2004 04:00:00
  • Zuletzt bearbeitet 16.06.2026 22:05:42

Argument injection vulnerability in Opera before 7.50 does not properly filter "-" characters that begin a hostname in a telnet URI, which allows remote attackers to insert options to the resulting command line and overwrite arbitrary files via (1) t...

Exploit
  • EPSS 2.95%
  • Veröffentlicht 15.04.2004 04:00:00
  • Zuletzt bearbeitet 16.06.2026 22:02:29

Opera allows remote attackers to bypass intended cookie access restrictions on a web application via "%2e%2e" (encoded dot dot) directory traversal sequences in a URL, which causes Opera to send the cookie outside the specified URL subsets, e.g. to a...

Exploit
  • EPSS 2.56%
  • Veröffentlicht 11.02.2004 05:00:00
  • Zuletzt bearbeitet 16.06.2026 22:08:57

Opera Web Browser 7.0 through 7.23 allows remote attackers to trick users into executing a malicious file by embedding a CLSID in the file name, which causes the malicious file to appear as a trusted file type, aka "File Download Extension Spoofing."

Exploit
  • EPSS 14.67%
  • Veröffentlicht 31.12.2003 05:00:00
  • Zuletzt bearbeitet 16.06.2026 22:04:04

Buffer overflow in Opera 6.05 and 6.06, and possibly other versions, allows remote attackers to execute arbitrary code via a URL with a long username.

  • EPSS 3.06%
  • Veröffentlicht 31.12.2003 05:00:00
  • Zuletzt bearbeitet 16.06.2026 22:04:04

Buffer overflow in Opera 7.02 Build 2668 allows remote attackers to crash Opera via a long HTTP request ending in a .ZIP extension.

Exploit
  • EPSS 9.09%
  • Veröffentlicht 31.12.2003 05:00:00
  • Zuletzt bearbeitet 16.06.2026 22:04:05

Heap-based buffer overflow in Opera 6.05 through 7.10 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a filename with a long extension.

Exploit
  • EPSS 6.12%
  • Veröffentlicht 31.12.2003 05:00:00
  • Zuletzt bearbeitet 16.06.2026 22:04:05

The PluginContext object of Opera 6.05 and 7.0 allows remote attackers to cause a denial of service (crash) via an HTTP request containing a long string that gets passed to the ShowDocument method.