Download
| Alert*
|
oval:org.secpod.oval:def:1697
The host is installed with Opera before 11.0 and is prone to an unspecified vulnerability. A flaw is present in the application. Specific details regarding the vulnerability have not been made public. Successful exploitation could allow an attacker to produce unknown impacts. oval:org.secpod.oval:def:1695 The host is installed with Opera browser before 11.0 and is prone to a X509 spoofing vulnerability. A flaw is present in the application, which gives improper information of X.509 certificates on https web sites when Opera Turbo is enabled. Successful exploitation could allow a remote attacker to re ... oval:org.secpod.oval:def:3440 The host is installed with Opera before 11.60 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle certificate revocation. Successful exploitation could allow attackers to produce unknown impacts. oval:org.secpod.oval:def:1657 The host is installed with Opera before 11.50 and is prone to cross-site scripting vulnerability. A flaw is present in the application which fails to restrict data: URIs. Successful exploitation allow remote attackers to conduct cross-site scripting. oval:org.secpod.oval:def:35824 The host is installed with Opera before 9.26 and is prone to cross-site scripting vulnerability. A flaw is present in the application, which fails to handle crafted attribute values in an XML document. Successful exploitation allows remote attackers to "bypass sanitization filters" and conduct cross ... oval:org.secpod.oval:def:35833 The host is installed with Opera before 9.52 and is prone to cross-site scripting vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation allows remote attackers to inject arbitrary web script or HTML. oval:org.secpod.oval:def:35843 The host is installed with Opera before 9.61 and is prone to cross-site scripting vulnerability. A flaw is present in the application, which fails to properly escape before storage in the History Search database (aka md.dat). Successful exploitation allows remote attackers to inject arbitrary web sc ... oval:org.secpod.oval:def:35844 The host is installed with Opera before 9.61 and is prone to cross-site scripting vulnerability. A flaw is present in the application, which a page is located in a frame, executes a javascript: URL in the context of the outermost page instead of the page that contains this URL. Successful exploitati ... oval:org.secpod.oval:def:35853 The host is installed with Opera before 9.63 and is prone to cross-site scripting vulnerability. A flaw is present in the application, which fails to handle built-in XSLT templates. Successful exploitation allows remote attackers to inject arbitrary web script or HTML. oval:org.secpod.oval:def:35847 The host is installed with Opera before 9.62 and is prone to unspecified vulnerability. A flaw is present in the application, which fails to handle the History Search results page. Successful exploitation allows remote attackers to execute arbitrary commands. oval:org.secpod.oval:def:35852 The host is installed with Opera before 9.63 and is prone to unspecified vulnerability. A flaw is present in the application, which fails to block unspecified "scripted URLs" during the feed preview. Successful exploitation allows remote attackers to read existing subscriptions and force subscriptio ... oval:org.secpod.oval:def:35850 The host is installed with Opera before 9.63 and is prone to unspecified vulnerability. A flaw is present in the application, which trigger an invalid pointer calculation and heap corruption. Successful exploitation allows remote attackers to execute arbitrary code via crafted web pages. oval:org.secpod.oval:def:35851 The host is installed with Opera before 9.63 and is prone to multiple buffer overflow vulnerability. A flaw is present in the application, which fails to handle a long host name in a file. Successful exploitation allows (1) remote attackers to execute arbitrary code via a crafted text area, or allow ... oval:org.secpod.oval:def:35849 The host is installed with Opera before 9.62.10467.0 and is prone to heap-based buffer overflow vulnerability. A flaw is present in the application, which fails to handle a long file:// URI. NOTE. Successful exploitation allows remote attackers to execute arbitrary code. oval:org.secpod.oval:def:35845 The host is installed with Opera before 9.61 and is prone to unspecified vulnerability. A flaw is present in the application, which fails to properly block scripts during preview of a news feed. Successful exploitation allows remote attackers to create arbitrary new feed subscriptions and read the c ... oval:org.secpod.oval:def:35839 The host is installed with Opera before 9.52 and is prone to unspecified vulnerability. A flaw is present in the application, which does not check the CRL override upon encountering a certificate that lacks a CRL. Successful exploitation allows unknown impact and attack vectors. oval:org.secpod.oval:def:35840 The host is installed with Opera before 9.52 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle unknown vectors in which Opera is launched by other applications. Successful exploitation allows remote attackers to cause a denial of service (cr ... oval:org.secpod.oval:def:35836 The host is installed with Opera before 9.52 and is prone to unspecified vulnerability. A flaw is present in the application, which when rendering an http page that has loaded an https page into a frame, displays a padlock icon and offers a security information dialog reporting a secure connection. ... oval:org.secpod.oval:def:35834 The host is installed with Opera before 9.52 and is prone to unspecified vulnerability. A flaw is present in the application, which fails to properly restrict the ability of a framed web page to change the address associated with a different frame. Successful exploitation allows remote attackers to ... oval:org.secpod.oval:def:35832 The host is installed with Opera before 9.51 and is prone to unspecified vulnerability. A flaw is present in the application, which fails to handle unknown vectors. Successful exploitation allows attackers to execute arbitrary code. oval:org.secpod.oval:def:35828 The host is installed with Opera before 9.26 and is prone to unspecified vulnerability. A flaw is present in the application, which misrepresents web page addresses. Successful exploitation allows remote attackers to misrepresent web page addresses using "certain characters" that "cause the page add ... oval:org.secpod.oval:def:35825 The host is installed with Opera before 9.27 and is prone to denial of service vulnerability. A flaw is present in the application, which triggers an invalid memory access. Successful exploitation allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a ... oval:org.secpod.oval:def:35826 The host is installed with Opera before 9.27 and is prone to denial of service vulnerability. A flaw is present in the application, which triggers memory corruption. Successful exploitation allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted ... oval:org.secpod.oval:def:35827 The host is installed with Opera before 9.27 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle vectors related to keyboard handling of password inputs. Successful exploitation allows unknown impact and attack vectors related to keyboard hand ... oval:org.secpod.oval:def:35855 The host is installed with Opera before 9.64 and is prone to unspecified vulnerability. A flaw is present in the application, which is related to a moderately severe issue. Successful exploitation allows unknown impact and attack vectors. oval:org.secpod.oval:def:35857 The host is installed with Opera before 10.62 and is prone to untrusted search path vulnerability. A flaw is present in the application, which fails to handle a Trojan horse dwmapi.dll file in the current working directory. Successful exploitation allows allows local users to gain privileges via a T ... oval:org.secpod.oval:def:1696 The host is installed with Opera before 11.0 and is prone to an autoupdate denial of service vulnerability. A flaw is present in the autoupdate functionality of the application. Specific details regarding the flaw have not been made public. Successful exploitation could allow an attacker to crash th ... oval:org.secpod.oval:def:1690 The host is installed with Opera before 11.0 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to handle some web page content being displayed on top of dialog boxes. Successful exploitation allows an attacker to gain sensitive information. oval:org.secpod.oval:def:1692 The host is installed with Opera before 11.0 and is prone to an information disclosure vulnerability. A flaw is present in the browser. Specific details regarding the vulnerability have not been made public. Successful exploitation could allow a remote attacker to cause unknown impact. oval:org.secpod.oval:def:1693 The host is installed with Opera before 11.0 and is prone to security bypass vulnerability. A flaw is present in the application, which fails to handle security policies during updates to extensions. Successful exploitation could allow an attacker to bypass intended access restrictions. oval:org.secpod.oval:def:1694 The host is installed with Opera before 11.0 and is prone to an indication spoofing vulnerability. A flaw is present in the application, which fails to display a page's security indication when Opera Turbo is enabled. Successful exploitation could allow a remote attacker to redirect a user to a mali ... oval:org.secpod.oval:def:1698 The host is installed with Opera 10.54 and earlier and is prone to a spoofing vulnerability. A flaw is present in the application, which fails to handle the address bar when requesting to open a URL . Successful exploitation could allow a remote attacker to perform spoofing attack via crafted html d ... oval:org.secpod.oval:def:35856 The host is installed with Opera 10.10.1893.0 through 10.50.3296.0 and is prone to integer overflow vulnerability. A flaw is present in the application, which triggers a heap overflow. Successful exploitation allows remote attackers to execute arbitrary code via a large Content-Length value. oval:org.secpod.oval:def:3437 The host is installed with Opera before 11.60 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle unspecified content on a web page. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:3468 The host is installed with Opera 11.60 or earlier and is prone to information disclosure vulnerability. A flaw is present in the application, which does not prevent capture of data about the times of Same Origin Policy violations during IFRAME loading attempts. Successful exploitation allows remote ... oval:org.secpod.oval:def:3438 The host is installed with Opera before 11.60 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle unknown vectors. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:3441 The host is installed with Opera before 11.60 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to handle malicious data. Successful exploitation could allow attackers to produce unknown impacts. oval:org.secpod.oval:def:3442 The host is installed with Opera before 11.60 and is prone to a same origin policy bypass vulnerability. A flaw is present in the application, which fails to properly implement the in operator. Successful exploitation could allow attackers to bypass the Same Origin Policy. oval:org.secpod.oval:def:3443 The host is installed with Opera before 11.60 and is prone to a same origin policy bypass vulnerability. A flaw is present in the application, which fails to consider the number of . (dot) characters that conventionally exist in domain names of different top-level domains. Successful exploitation co ... oval:org.secpod.oval:def:1625 The host is installed with Opera 11.11 or earlier and is prone to denial of service vulnerability. A flaw is present in the application which fails to handle IFRAME element. Successful exploitation allow remote attackers to cause a denial of service. oval:org.secpod.oval:def:1626 The host is installed with Opera before 11.10 and is prone to denial of service vulnerability. A flaw is present in the application which fails to handle a HTML document that has an empty parameter value for an embedded Java applet. Successful exploitation allow remote attackers to cause a denial of ... oval:org.secpod.oval:def:1627 The host is installed with Opera before 11.10 and is prone to denial of service vulnerability. A flaw is present in the application which fails to handle hidden animated GIF images. Successful exploitation allow remote attackers to cause a denial of service (CPU consumption). oval:org.secpod.oval:def:1628 The host is installed with Opera before 11.10 and is prone to unspecified vulnerability vulnerability. A flaw is present in the application which fails to handle unknown content on a web page. Successful exploitation allow remote attackers to cause a denial of service (application crash). oval:org.secpod.oval:def:1629 The host is installed with Opera before 11.10 and is prone to unspecified vulnerability vulnerability. A flaw is present in the application which fails to handle unknown content on a web page. Successful exploitation allow remote attackers to cause a denial of service (application crash). oval:org.secpod.oval:def:1630 The host is installed with Opera before 11.10 and is prone to unspecified vulnerability vulnerability. A flaw is present in the application which fails to handle unknown content on a web page. Successful exploitation allow remote attackers to cause a denial of service (application crash). oval:org.secpod.oval:def:1631 The host is installed with Opera before 11.10 and is prone to denial of service vulnerability. A flaw is present in the application which fails to properly implement cascading style sheets. Successful exploitation allow remote attackers to cause a denial of service (application crash). oval:org.secpod.oval:def:1633 The host is installed with Opera before 11.11 and is prone to unspecified vulnerability. A flaw is present in the application which fails to handle vectors involving a Certificate Revocation List (CRL) file. Successful exploitation allow remote attackers to cause a denial of service (application cra ... oval:org.secpod.oval:def:1637 The host is installed with Opera before 11.11 and is prone to unspecified vulnerability. A flaw is present in the application which fails to handle unknown content on a web page. Successful exploitation allow remote attackers to cause a denial of service (application crash). oval:org.secpod.oval:def:1639 The host is installed with Opera before 11.11 and is prone to unspecified vulnerability. A flaw is present in the application which fails to implement DOM elements. Successful exploitation allow remote attackers to cause a denial of service (application crash). oval:org.secpod.oval:def:1640 The host is installed with Opera before 11.50 and is prone to denial of service vulnerability. A flaw is present in the application which fails to handle SRC attribute of an IFRAME element. Successful exploitation allow remote attackers to cause a denial of service (application crash). oval:org.secpod.oval:def:1641 The host is installed with Opera before 11.50 and is prone to denial of service vulnerability. A flaw is present in the application which fails to handle SELECT element that contains many OPTION elements. Successful exploitation allow remote attackers to cause a denial of service (application crash) ... oval:org.secpod.oval:def:1642 The host is installed with Opera before 11.50 and is prone to denial of service vulnerability. A flaw is present in the application which fails to handle large table during a print preview. Successful exploitation allow user-assisted remote attackers to cause a denial of service (application hang). oval:org.secpod.oval:def:1643 The host is installed with Opera before 11.50 and is prone to unspecified vulnerability. A flaw is present in the application which fails to implement SVG BiDi . Successful exploitation allow remote attackers to cause a denial of service (application hang). oval:org.secpod.oval:def:1644 The host is installed with Opera before 11.50 and is prone to unspecified vulnerability. A flaw is present in the application which fails to handle Web Workers. Successful exploitation allow remote attackers to cause a denial of service (application crash). oval:org.secpod.oval:def:1645 The host is installed with Opera before 11.50 and is prone to unspecified vulnerability. A flaw is present in the application which fails to handle vectors related to form layout. Successful exploitation allow remote attackers to cause a denial of service (application crash). oval:org.secpod.oval:def:1646 The host is installed with Opera before 11.50 and is prone to unspecified vulnerability. A flaw is present in the application which fails to handle SVG animation. Successful exploitation allow remote attackers to cause a denial of service (application crash). oval:org.secpod.oval:def:1647 The host is installed with Opera before 11.50 and is prone to unspecified vulnerability. A flaw is present in the application which fails to handle vectors involving SVG animation. Successful exploitation allow remote attackers to cause a denial of service (application crash). oval:org.secpod.oval:def:1648 The host is installed with Opera before 11.50 and is prone to unspecified vulnerability. A flaw is present in the application which fails to handle web script that moves a AUDIO element or VIDEO element between windows. Successful exploitation allow remote attackers to cause a denial of service (app ... oval:org.secpod.oval:def:1649 The host is installed with Opera before 11.50 and is prone to unspecified vulnerability. A flaw is present in the application which fails to handle vectors related to selecting a text node, and closed pop-up windows, removed pop-up windows and IFRAME elements. Successful exploitation allow remote at ... oval:org.secpod.oval:def:1650 The host is installed with Opera before 11.50 and is prone to unspecified vulnerability. A flaw is present in the application which fails to handle some content on a web page. Successful exploitation allow remote attackers to cause a denial of service (memory consumption). oval:org.secpod.oval:def:1651 The host is installed with Opera before 11.50 and is prone to unspecified vulnerability. A flaw is present in the application which fails to handle some content on a web page. Successful exploitation allow remote attackers to cause a denial of service (application hang). oval:org.secpod.oval:def:1652 The host is installed with Opera before 11.50 and is prone to denial of service vulnerability. A flaw is present in the application which fails to handle SVG implementation. Successful exploitation allow remote attackers to cause a denial of service (application crash). oval:org.secpod.oval:def:1653 The host is installed with Opera before 11.50 and is prone to denial of service vulnerability. A flaw is present in Array.prototype.join method in the application which fails to handle a non-array object that contains initial holes. Successful exploitation allow remote attackers to cause a denial of ... oval:org.secpod.oval:def:1654 The host is installed with Opera before 11.50 and is prone to unspecified vulnerability. A flaw is present in the application which fails to handle some unknown content on a web page. Successful exploitation allow remote attackers to cause a denial of service (application crash). oval:org.secpod.oval:def:1655 The host is installed with Opera before 11.50 and is prone to unspecified vulnerability. A flaw is present in the application which fails to handle printing function. Successful exploitation allow remote attackers to cause a denial of service (application crash). oval:org.secpod.oval:def:1656 The host is installed with Opera before 11.50 and is prone to unspecified vulnerability. A flaw is present in the application which fails to handle impact and attack vectors, related to a "moderately severe issue". Successful exploitation allow remote attackers to cause a denial of service (applicat ... oval:org.secpod.oval:def:1658 The host is installed with Opera before 11.50 and is prone to denial of service vulnerability. A flaw is present in the application which fails to handle invalid URLs. Successful exploitation allow remote attackers to cause a denial of service (disk consumption). oval:org.secpod.oval:def:4017 The host is installed with Opera 11.60 or prior and is prone to multiple integer overflow vulnerabilities. The flaws are present in the application, which fails to handle a large integer argument to the (1) Int32Array, (2) Float32Array, (3) Float64Array, (4) Uint32Array, (5) Int16Array, or (6) Array ... oval:org.secpod.oval:def:10880 The host is installed with Opera before 12.15 and is prone to unspecified vulnerability. A flaw is present in the application, which fails to handle certain weakness in the RC4 encryption protocol. Successful exploitation allows attackers to deduce the plaintext and has some unknown impact and attac ... oval:org.secpod.oval:def:35841 The host is installed with Opera before 9.60 and is prone to unspecified vulnerability. A flaw is present in the application, which fails to handle a redirect that specifies a crafted URL. Successful exploitation allows remote attackers to cause a denial of service (application crash) or execute arb ... oval:org.secpod.oval:def:35823 The host is installed with Opera before 9.26 and is prone to unspecified vulnerability. A flaw is present in the application, which fails to handle images that contain custom comments. Successful exploitation allows user-assisted remote attackers to execute arbitrary script via images that contain c ... oval:org.secpod.oval:def:10881 The host is installed with Opera before 12.15 and is prone to information-disclosure vulnerability. A flaw is present in the application, which fails to properly block top-level domains in Set-Cookie headers. Successful exploitation allows attackers to obtain sensitive information by leveraging cont ... oval:org.secpod.oval:def:1691 The host is installed with Opera before 11.0 and is prone to an information disclosure vulnerability. A flaw is present in the browser, it fails to handle Wireless Application Protocol (WAP) sessions due to form fields not being cleared when a new session is started. Successful exploitation could al ... oval:org.secpod.oval:def:35829 The host is installed with Opera before 9.50 and is prone to unspecified vulnerability. A flaw is present in the application, which fails to handle HTML CANVAS elements that use the images as patterns. Successful exploitation allows remote attackers to read cross-domain images. oval:org.secpod.oval:def:35831 The host is installed with Opera before 9.51 and is prone to unspecified vulnerability. A flaw is present in the application, which fails to properly manage memory within functions supporting the CANVAS element. Successful exploitation allows remote attackers to read uninitialized memory contents. oval:org.secpod.oval:def:35837 The host is installed with Opera before 9.52 and is prone to unspecified vulnerability. A flaw is present in the application, which fails to prevent use of links from web pages to feed source files on the local disk. Successful exploitation allows remote attackers to determine the validity of local ... oval:org.secpod.oval:def:35842 The host is installed with Opera before 9.60 and is prone to information disclosure vulnerability. A flaw is present in the application, which fails to handle applet execution within the local-machine context. Successful exploitation allows remote attackers to obtain sensitive information and have u ... oval:org.secpod.oval:def:35854 The host is installed with Opera before 9.63 and is prone to unspecified vulnerability. A flaw is present in the application, which fails to handle unknown vectors. Successful exploitation allows remote attackers to reveal random data. oval:org.secpod.oval:def:35846 The host is installed with Opera before 9.52.10108.0 and is prone to cross-site scripting vulnerability. A flaw is present in the application, which fails to properly escape before storage in the History Search database (aka md.dat). Successful exploitation allows remote attackers to inject arbitrar ... oval:org.secpod.oval:def:35848 The host is installed with Opera before 9.62 and is prone to cross-site scripting vulnerability. A flaw is present in the application, which processes Javascript within the context of the "outermost page" of a frame. Successful exploitation allows remote attackers to inject arbitrary web script or H ... oval:org.secpod.oval:def:1632 The host is installed with Opera before 11.10 and is prone to search hijack vulnerability. A flaw is present in the application which fails to prevent third party applications from hijacking searches and other customizations. Successful exploitation allow remote attackers to hijack searches and cust ... oval:org.secpod.oval:def:1634 The host is installed with Opera before 11.11 and is prone to denial of service vulnerability. A flaw is present in the application which fails to handle destruction of a silverlight instance. Successful exploitation allow remote attackers to cause a denial of service (application crash). oval:org.secpod.oval:def:1635 The host is installed with Opera before 11.11 and is prone to denial of service vulnerability. A flaw is present in the application which fails to handle column-count property. Successful exploitation allow remote attackers to cause a denial of service (infinite repaint loop and application hang). oval:org.secpod.oval:def:1636 The host is installed with Opera before 11.11 and is prone to denial of service vulnerability. A flaw is present in the application which fails to handle popup of the Easy Sticky Note extension. Successful exploitation allow remote attackers to cause a denial of service (application crash). oval:org.secpod.oval:def:1638 The host is installed with Opera before 11.11 and is prone to denial of service vulnerability. A flaw is present in the application which fails to implement FRAMESET elements. Successful exploitation allow remote attackers to cause a denial of service (memory corruption). oval:org.secpod.oval:def:3439 The host is installed with Opera before 11.60 and is prone to a denial of service vulnerability. A flaw is present in the application, which fails to handle unspecified content on a web page. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:35822 The host is installed with Opera before 9.26 and is prone to unspecified vulnerability. A flaw is present in the application, which helps to read arbitrary files. Successful exploitation allows user-assisted remote attackers to read arbitrary files by tricking a user into typing the characters of th ... oval:org.secpod.oval:def:35838 The host is installed with Opera before 9.52 and is prone to unspecified vulnerability. A flaw is present in the application, which fails to ensure that the address field of a news feed represents the feed's actual URL. Successful exploitation allows remote attackers to change this field to display ... oval:org.secpod.oval:def:35830 The host is installed with Opera before 9.50 and is prone to unspecified vulnerability. A flaw is present in the application, which can facilitate phishing attacks. Successful exploitation allows remote attackers to spoof the contents of trusted frames on the same parent page by modifying the locati ... oval:org.mitre.oval:def:11927 Opera before 10.53 on Windows and Mac OS X does not properly handle a series of document modifications that occur asynchronously, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via JavaScript that writes <marquee> sequences in an infinite loo ... oval:org.mitre.oval:def:11362 Cross-site scripting (XSS) vulnerability in Opera before 10.54 on Windows and Mac OS X, and before 10.11 on UNIX platforms, allows remote attackers to inject arbitrary web script or HTML via a data: URI, related to incorrect detection of the "opening site." oval:org.mitre.oval:def:5432 Opera 9.64 allows remote attackers to cause a denial of service (application crash) via an XML document containing a long series of start-tags with no corresponding end-tags. NOTE: it was later reported that 9.52 is also affected. oval:org.mitre.oval:def:5679 Opera before 10.00 on Linux, Solaris, and FreeBSD does not properly implement the "INPUT TYPE=file" functionality, which allows remote attackers to trick a user into uploading an unintended file via vectors involving a "dropped file." oval:org.mitre.oval:def:12208 Opera before 10.63 does not prevent interpretation of a cross-origin document as a CSS stylesheet when the document lacks a CSS token sequence, which allows remote attackers to obtain sensitive information via a crafted document. oval:org.mitre.oval:def:11352 Multiple unspecified vulnerabilities in Opera before 10.54 have unknown impact and attack vectors related to (1) "extremely severe," (2) "highly severe," (3) "moderately severe," and (4) "less severe" issues. oval:org.secpod.oval:def:8267 The host is installed with Opera before 12.10 and is prone to unauthorized access vulnerability. A flaw is present in the application, which fails to handle the X.509 certificate-validation functionality in the https implementation. Successful exploitation could allow a remote attacker to trigger a ... oval:org.secpod.oval:def:8268 The host is installed with Opera before 12.10 and is prone to security bypass vulnerability. A flaw is present in the application, which fails to handle the Cross-Origin Resource Sharing (CORS) specification. Successful exploitation could allow a remote attacker to bypass intended page-content restr ... oval:org.secpod.oval:def:8269 The host is installed with Opera before 12.10 and is prone to cross-site scripting vulnerability. A flaw is present in the application, which fails to handle the vectors related sequence of loading of documents and loading of data: URLs. Successful exploitation could allow a remote attacker to injec ... oval:org.secpod.oval:def:789 The host is installed with Opera and is prone to information disclosure vulnerability. A flaw is present in the browser, which fails to handle malicious XSLT constructs which return cached contents of other pages. Successful exploitation could allow remote attackers to obtain sensitive information f ... oval:org.secpod.oval:def:8266 The host is installed with Opera before 11.67 or 12.x before 12.02 and is prone to arbitrary code execution vulnerability. A flaw is present in the application, which fails to handle a crafted web site. Successful exploitation allow remote attackers to cause truncation of a dialog, and possibly trig ... oval:org.secpod.oval:def:8274 The host is installed with Opera before 12.11 and is prone to heap-based buffer overflow vulnerability. A flaw is present in the application, which fails to properly handle a long HTTP response. Successful exploitation could allow a remote attacker to execute arbitrary code or cause a denial of serv ... oval:org.secpod.oval:def:8275 The host is installed with Opera before 12.11 and is prone to information disclosure vulnerability. A flaw is present in the application, which fails to properly handle vectors involving web script in an error page. Successful exploitation could allow a remote attacker to determine the existence of ... oval:org.mitre.oval:def:11699 Opera before 10.63 allows remote attackers to cause a denial of service (memory corruption) by referencing an SVG document in an IMG element. oval:org.secpod.oval:def:8276 The host is installed with Opera before 12.12 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly allocate memory for GIF images. Successful exploitation could allow a remote attacker to determine the existence of arbitrary local files via v ... oval:org.secpod.oval:def:8277 The host is installed with Opera before 12.12 and is prone to address bar Spoofing vulnerability. A flaw is present in the application, which fails to properly handle a high rate of HTTP requests. Successful exploitation could allow a remote attacker to spoof the address field via a high rate of HTT ... oval:org.secpod.oval:def:8270 The host is installed with Opera before 12.10 and is prone to cross-site scripting vulnerability. A flaw is present in the application, which fails to handle the crafted JavaScript code that overrides methods of unspecified native objects in documents that have different origins. Successful exploita ... oval:org.secpod.oval:def:8271 The host is installed with Opera before 12.10 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle a malformed SVG image. Successful exploitation could allow a remote attacker to execute arbitrary code or cause a denial of service (application ... oval:org.secpod.oval:def:2051 The host is installed with Opera 11.50.1074.0 or before and is prone to security-bypass vulnerability. A flaw is present in the application which fails to properly restrict modifications to cookies established in HTTPS sessions. Successful exploitation allows attackers to bypass security features pr ... oval:org.secpod.oval:def:8272 The host is installed with Opera before 12.10 and is prone to information disclosure vulnerability. A flaw is present in the application, which fails to properly handle incorrect size data in a WebP image. Successful exploitation could allow a remote attacker to obtain potentially sensitive informat ... oval:org.secpod.oval:def:8273 The host is installed with Opera before 12.10 and is prone to phishing attacks. A flaw is present in the application, which fails to properly handle the internet shortcuts that are referenced by a IMG element or other inline element. Successful exploitation could allow a remote attacker to conduct p ... oval:org.secpod.oval:def:15767 The host is installed with Opera before 15.0 and is prone to a cross site scripting vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to inject arbitrary web script or HTML. oval:org.mitre.oval:def:6442 Opera before 10.00 trusts root X.509 certificates signed with the MD2 algorithm, which makes it easier for man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted server certificate. oval:org.mitre.oval:def:6444 Opera before 10.00 does not properly handle a (1) '\0' character or (2) invalid wildcard character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimat ... oval:org.mitre.oval:def:12084 Opera before 10.61 does not properly suppress clicks on download dialogs that became visible after a recent tab change, which allows remote attackers to conduct clickjacking attacks, and consequently execute arbitrary code, via vectors involving (1) closing a tab or (2) hiding a tab, a related issue ... oval:org.mitre.oval:def:6314 Opera before 10.01 does not properly restrict HTML in a (1) RSS or (2) Atom feed, which allows remote attackers to conduct cross-site scripting (XSS) attacks, and conduct cross-zone scripting attacks involving the Feed Subscription Page to read feeds or create feed subscriptions, via a crafted feed, ... oval:org.mitre.oval:def:11669 Opera before 10.54 on Windows and Mac OS X, and before 10.60 on UNIX platforms, does not properly restrict access to the full pathname of a file selected for upload, which allows remote attackers to obtain potentially sensitive information via unspecified DOM manipulations. oval:org.mitre.oval:def:6543 Unspecified vulnerability in Opera before 10.10 has unknown impact and attack vectors, related to a "moderately severe issue." oval:org.mitre.oval:def:12071 Opera before 10.63 does not properly restrict web script in unspecified circumstances involving reloads and redirects, which allows remote attackers to spoof the Address Bar, conduct cross-site scripting (XSS) attacks, and possibly execute arbitrary code by leveraging the ability of a script to inte ... oval:org.mitre.oval:def:12073 The news-feed preview feature in Opera before 10.61 does not properly remove scripts, which allows remote attackers to force subscriptions to arbitrary feeds via crafted content. oval:org.secpod.oval:def:62801 Google Hangouts Extension for Google Chrome is installed oval:org.mitre.oval:def:11664 Opera 9.52 executes a mail application in situations where an IMG element has a SRC attribute that is a redirect to a mailto: URL, which allows remote attackers to cause a denial of service (excessive application launches) via an HTML document with many images, a related issue to CVE-2010-0181. oval:org.mitre.oval:def:11096 Opera before 10.50 on Windows, before 10.52 on Mac OS X, and before 10.60 on UNIX platforms makes widget properties accessible to third-party domains, which allows remote attackers to obtain potentially sensitive information via a crafted web site. oval:org.mitre.oval:def:12066 Heap-based buffer overflow in Opera before 10.61 allows remote attackers to execute arbitrary code or cause a denial of service (application crash or hang) via vectors related to HTML5 canvas painting operations that occur during the application of transformations. oval:org.mitre.oval:def:6370 Cross-site scripting (XSS) vulnerability in Opera 9 and 10 allows remote attackers to inject arbitrary web script or HTML via a (1) RSS or (2) Atom feed, related to the rendering of the application/rss+xml content type as "scripted content." NOTE: the vendor reportedly considers this behavior a "des ... oval:org.secpod.oval:def:724 The host is installed with Opera and is prone Information Disclosure Vulnerability. The flaw is present in application, which fails to properly implement the insecure third party module warning message. Successful exploitation could allow remote attackers to disclose potentially sensitive informatio ... oval:org.mitre.oval:def:12054 Opera before 10.63 allows user-assisted remote web servers to cause a denial of service (application crash) by sending a redirect during the saving of a file. oval:org.mitre.oval:def:6482 A version of Opera Browser (32 bit) is installed. oval:org.mitre.oval:def:5955 Opera before 9.64 allows remote attackers to execute arbitrary code via a crafted JPEG image that triggers memory corruption. oval:org.mitre.oval:def:11640 Opera before 10.60 allows remote attackers to cause a denial of service (application hang) via certain HTML content that has an unclosed SPAN element with absolute positioning. oval:org.secpod.oval:def:2350 The host is installed with Opera before 11.51 and is prone to information-disclosure vulnerability. A flaw is present in the application, which is caused by an error when loading content. Successful exploitation allows remote attackers to display restricted information from a trusted Web site. oval:org.secpod.oval:def:9306 The host is installed with Opera before 12.13 and is prone to arbitrary code execution vulnerability. A flaw is present in the application, which fails to properly handle DOM events manipulation. Successful exploitation allows attackers to cause an application crash. oval:org.secpod.oval:def:9307 The host is installed with Opera before 12.13 and is prone to arbitrary code execution vulnerability. A flaw is present in the application, which fails to handle the use of SVG clipPaths. Successful exploitation allows attackers to execute remote code. oval:org.secpod.oval:def:9308 The host is installed with Opera before 12.13 and is prone to cross site request forgery bypass vulnerability. A flaw is present in the application, which fails to send CORS preflight requests in all required cases. Successful exploitation allows attackers to bypass a CSRF protection mechanism via a ... oval:org.secpod.oval:def:9309 The host is installed with Opera before 12.13 and is prone to plaintext-recovery attack vulnerability. A flaw is present in the application, which does not properly consider timing side-channel attacks on a MAC check operation during the processing of malformed CBC padding. Successful exploitation a ... oval:org.mitre.oval:def:6235 Opera before 10.00 does not properly display all characters in Internationalized Domain Names (IDN) in the address bar, which allows remote attackers to spoof URLs and conduct phishing attacks, related to Unicode and Punycode. oval:org.mitre.oval:def:6230 Opera before 9.64 allows remote attackers to execute arbitrary code via a crafted JPEG image that triggers memory corruption. oval:org.mitre.oval:def:6350 Opera 9.52 and earlier allows remote attackers to cause a denial of service (unusable browser) by calling the window.print function in a loop, aka a "printing DoS attack," possibly a related issue to CVE-2009-0821. oval:org.mitre.oval:def:6358 Opera 9.52 and earlier allows remote attackers to cause a denial of service (CPU consumption) via a series of automatic submissions of a form containing a KEYGEN element, a related issue to CVE-2009-1828. oval:org.secpod.oval:def:950 The host is installed with Opera Browser and is prone to memory-corruption vulnerability. A flaw is present in the application which is caused by an error when handling malformed tags. Successful exploitation allows remote attacker to execute arbitrary code and cause denial of service condition. oval:org.mitre.oval:def:6460 Opera before 10.00, when a collapsed address bar is used, does not properly update the domain name from the previously visited site to the currently visited site, which might allow remote attackers to spoof URLs. oval:org.mitre.oval:def:6220 Opera before 9.64 allows remote attackers to conduct cross-domain scripting attacks via unspecified vectors related to plug-ins. oval:org.mitre.oval:def:11862 Opera before 10.60 does not properly restrict certain interaction between plug-ins, file inputs, and the clipboard, which allows user-assisted remote attackers to trigger the uploading of arbitrary files via a crafted web site. oval:org.secpod.oval:def:68 The host is installed with Opera before 11.01 and is prone to an unspecified vulnerability. A flaw is present in Opera, which fails to properly restrict unknown content on a web page. Successful exploitation allows remote attackers to crash the application. oval:org.secpod.oval:def:67 The host is installed with Opera before 11.01 and is prone to denial of service vulnerability. A flaw is present in Opera, which fails to properly implement Wireless Application Protocol (WAP) dropdown lists. Successful exploitation allows user-assisted remote attackers to cause application crash us ... oval:org.mitre.oval:def:11622 Opera 9.52 allows remote attackers to cause a denial of service (resource consumption) via JavaScript code containing an infinite loop that creates IFRAME elements for invalid (1) news:// or (2) nntp:// URIs. oval:org.secpod.oval:def:66 The host is installed with Opera before 11.01 and is prone to information disclosure vulnerability. A flaw is present in Delete Private Data feature in Opera, which fails to delete passwords until the browser is restarted, when "Delete Private Data" is used and an option to "Clear all email account ... oval:org.secpod.oval:def:65 The host is installed with Opera before 11.01 and is prone to information disclosure vulnerability. A flaw is present in Opera which does not properly handle redirections and HTTP responses. Successful exploitation allows remote web servers to obtain sufficient access to local files and obtain poten ... oval:org.secpod.oval:def:64 The host is installed with Opera before 11.01 and is prone to Clickjacking vulnerability. A flaw is present in Opera which does not properly restrict the use of opera: URLs. Successful exploitation allows remote attackers to conduct clickjacking attacks via a crafted web site. oval:org.secpod.oval:def:63 The host is installed with Opera before 11.01 and is prone to CSS bypass vulnerability. A flaw is present in the implementation of Cascading Style Sheets (CSS) extensions for XML which recognizes links to javascript: URLs in the -o-link property. Successful exploitation allows remote attackers to by ... oval:org.secpod.oval:def:61 The host is installed with Opera before 11.01 and is prone to security vulnerability. A flaw is present in the download manager, which uses the wrong executable when trying to show the folder view. Successful exploitation could let remote attackers to execute arbitrary code via a crafted web site th ... oval:org.mitre.oval:def:11856 Opera before 10.60 on Windows and Mac OS X does not properly prevent certain double-click operations from running a program located on a web site, which allows user-assisted remote attackers to execute arbitrary code via a crafted web page that bypasses a dialog. oval:org.mitre.oval:def:6574 Opera before 10.01 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted domain name. oval:org.mitre.oval:def:12263 Opera before 10.63 allows remote attackers to cause a denial of service (application crash) via a Flash movie with a transparent Window Mode (aka wmode) property, which is not properly handled during navigation away from the containing HTML document. oval:org.mitre.oval:def:11170 Opera before 10.60 allows remote attackers to cause a denial of service (application hang) via an ended event handler that changes the SRC attribute of an AUDIO element. oval:org.mitre.oval:def:11603 Opera before 10.54 on Windows and Mac OS X, and before 10.60 on UNIX platforms, does not properly restrict certain uses of homograph characters in domain names, which makes it easier for remote attackers to spoof IDN domains via unspecified choices of characters. oval:org.mitre.oval:def:12135 Opera before 10.63 does not ensure that the portion of a URL shown in the Address Bar contains the beginning of the URL, which allows remote attackers to spoof URLs by changing a window's size. oval:org.mitre.oval:def:11950 Opera before 10.54 on Windows and Mac OS X does not properly enforce permission requirements for widget filesystem access and directory selection, which allows user-assisted remote attackers to create or modify arbitrary files, and consequently execute arbitrary code, via widget File I/O operations. oval:org.mitre.oval:def:11952 Opera 9.52 does not properly handle an IFRAME element with a mailto: URL in its SRC attribute, which allows remote attackers to cause a denial of service (resource consumption) via an HTML document with many IFRAME elements. oval:org.mitre.oval:def:11157 Opera before 10.60 allows remote attackers to bypass the popup blocker via a javascript: URL and a "fake click." oval:org.mitre.oval:def:6384 Opera before 10.01 on Windows does not prevent use of Web fonts in rendering the product's own user interface, which allows remote attackers to spoof the address field via a crafted web site. oval:org.mitre.oval:def:6385 Opera before 10.10, when exception stacktraces are enabled, places scripting error messages from a web site into variables that can be read by a different web site, which allows remote attackers to obtain sensitive information or conduct cross-site scripting (XSS) attacks via unspecified vectors. oval:org.mitre.oval:def:12115 Opera before 10.63 does not properly select the security context of JavaScript code associated with an error page, which allows user-assisted remote attackers to conduct cross-site scripting (XSS) attacks via a crafted web site. oval:org.mitre.oval:def:11937 Opera before 10.63 does not properly verify the origin of video content, which allows remote attackers to obtain sensitive information by using a video stream as HTML5 canvas content. oval:org.mitre.oval:def:11933 Unspecified vulnerability in Opera before 10.61 allows remote attackers to cause a denial of service (CPU consumption and application hang) via an animated PNG image. oval:org.secpod.oval:def:62 The host is installed with Opera before 11.01 and is prone to denial of service vulnerability. A flaw is present in the Opera application, which fails to properly handle large form inputs. Successful exploitation could let remote attackers to execute arbitrary code and cause Opera due to memory corr ... oval:org.secpod.oval:def:44772 The host is installed with Opera 51.0.2830.55 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to disclose sensitive information. oval:org.secpod.oval:def:4964 The host is installed with Opera Browser before 11.62 and is prone to address spoofing vulnerability. A flaw is present in the application, which fails to properly handle the reloads and redirects. Successful exploitation allows remote attackers to spoof the address field by triggering a page reload ... oval:org.secpod.oval:def:4965 The host is installed with Opera Browser before 11.62 and is prone to address spoofing vulnerability. A flaw is present in the application, which fails to properly handle the Web page dialogs. Successful exploitation allows remote attackers to spoof the address field by triggering the launch of a di ... oval:org.secpod.oval:def:4966 The host is installed with Opera Browser before 11.62 and is prone to Same Origin Policy bypass vulnerability. A flaw is present in the application, which fails to handle history.pushState and history.replaceState functions in conjunction with cross-domain frames. Successful exploitation allows emot ... oval:org.secpod.oval:def:4967 The host is installed with Opera Browser before 11.62 and is prone to arbitrary code execution vulnerability. A flaw is present in the application, which fails to ensure that a dialog window is placed on top of content windows. Successful exploitation allows remote attackers to trick users into down ... oval:org.secpod.oval:def:4968 The host is installed with Opera Browser before 11.62 and is prone to arbitrary code execution vulnerability. A flaw is present in the application, which fails to ensure small windows. Successful exploitation allows user-assisted remote attackers to trick users into downloading and executing arbitra ... oval:org.secpod.oval:def:53071 The host is installed with Opera before 57.0.3098.106 and is prone to a DLL search order hijacking attack. A flaw is present in the application, which fails to handle an issue in loading the shcore.dll and dcomp.dll files. Successful exploitation could allow attackers to take full control of the sys ... oval:org.secpod.oval:def:6138 The host is installed with Opera before 12.00 beta and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle a crafted WebGL content. Successful exploitation allows remote attackers to cause application crash. oval:org.secpod.oval:def:6139 The host is installed with Opera before 12.00 beta and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle an IFRAME element that uses the src="#" syntax to embed a parent document. Successful exploitation allows remote attackers to cause ... oval:org.secpod.oval:def:6140 The host is installed with Opera before 12.00 beta and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly handle a JavaScript code that changes a form before submission. Successful exploitation allows remote attackers to cause application hang. oval:org.secpod.oval:def:6141 The host is installed with Opera before 12.00 beta and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle a crafted characters in domain names. Successful exploitation allows remote attackers to cause application crash. oval:org.secpod.oval:def:6142 The host is installed with Opera before 12.00 beta and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle an absolutely positioned wrap=off TEXTAREA element located next to an "overflow: auto" block element. Successful exploitation allows remote ... oval:org.secpod.oval:def:6143 The host is installed with Opera before 12.00 beta and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle a web page that contains invalid character encodings. Successful exploitation allows remote attackers to cause application crash. oval:org.secpod.oval:def:6144 The host is installed with Opera before 12.00 beta and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle a crafted web page that is not properly handled during a reload. Successful exploitation allows remote attackers to cause application crash. oval:org.secpod.oval:def:6145 The host is installed with Opera before 11.64 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to properly allocate memory for URL strings. Successful exploitation allows remote attackers to cause memory corruption or application crash. oval:org.secpod.oval:def:6146 The host is installed with Opera before 11.65 and is prone to spoofing attacks. A flaw is present in the application, which fails to ensure that the address field corresponds to the displayed web page during blocked navigation. Successful exploitation allows remote attackers to conduct spoofing atta ... oval:org.secpod.oval:def:6147 The host is installed with Opera before 11.65 and is prone to spoofing attacks. A flaw is present in the application, which fails to ensure that the address field corresponds to the displayed web page during unusually timed changes to this field. Successful exploitation allows remote attackers to co ... oval:org.secpod.oval:def:6148 The host is installed with Opera before 11.65 and is prone to information disclosure vulnerability. A flaw is present in the application, which fails to properly restrict the reading of JSON strings. Successful exploitation allows remote attackers to perform cross-domain loading of JSON resources an ... oval:org.secpod.oval:def:6149 The host is installed with Opera before 11.65 and is prone to cross-site scripting (XSS) vulnerability. A flaw is present in the application, which fails to properly restrict the opening of a pop-up window in response to the first click of a double-click action. Successful exploitation allows remote ... oval:org.secpod.oval:def:6150 The host is installed with Opera before 11.65 and is prone to cross-site scripting (XSS) vulnerability. A flaw is present in the application, which fails to ensure that keyboard sequences are associated with a visible window. Successful exploitation allows remote attackers to conduct cross-site scri ... oval:org.secpod.oval:def:6197 The host is installed with Opera before 9.63 and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to handle a crafted certificate. Successful exploitation could allow attackers to spoof servers and obtain sensitive information. oval:org.secpod.oval:def:6746 The host is installed with Opera before 12.01 and is prone to denial of service vulnerability. A flaw is present in the application, which fails to handle a crafted web site. Successful exploitation allows remote attackers to cause application crash. oval:org.secpod.oval:def:6747 The host is installed with Opera before 12.01 and is prone to unspecified vulnerability. A flaw is present in the application, which fails to handle unknown vectors related to a "low severity issue." Successful exploitation has unknown impact and attack vectors. oval:org.secpod.oval:def:6748 The host is installed with Opera before 12.01 and is prone to Cross-site scripting (XSS) vulnerability. A flaw is present in the application, which fails to properly escape characters in DOM elements. Successful exploitation allows remote attackers to bypass cross-site scripting (XSS) protection mec ... oval:org.secpod.oval:def:6749 The host is installed with Opera before 12.01 and is prone to remote code execution vulnerability. A flaw is present in the application, which fails to handle a small window for the download dialog. Successful exploitation allows user-assisted remote attackers to trick users into downloading and exe ... oval:org.secpod.oval:def:6750 The host is installed with Opera before 12.01 and is prone to cross-site scripting (XSS) vulnerability. A flaw is present in the application, which ignores some characters in HTML documents in unspecified circumstances. Successful exploitation allows remote attackers to conduct cross-site scripting ... oval:org.secpod.oval:def:6924 The host is installed with Opera Browser before 11.60 and is prone to address spoofing vulnerability. A flaw is present in the application, which fails to properly handle the unspecified homograph characters. Successful exploitation allows remote attackers to spoof the address bar via unspecified ho ... oval:org.mitre.oval:def:5957 Opera, possibly 9.64 and earlier, allows remote attackers to cause a denial of service (memory consumption) via a large integer value for the length property of a Select object, a related issue to CVE-2009-1692. oval:org.mitre.oval:def:6357 Opera before 10.00 does not check all intermediate X.509 certificates for revocation, which makes it easier for remote SSL servers to bypass validation of the certificate chain via a revoked certificate. oval:org.secpod.oval:def:35835 The host is installed with Opera before 9.52 and is prone to unspecified vulnerability. A flaw is present in the application, which fails to properly restrict the ability of a framed web page to change the address associated with a different frame. Successful exploitation allows remote attackers to ... oval:org.secpod.oval:def:2351 The host is installed with Opera before 11.51, Windows operating system with SSL 3.0 or TLS 1.0 and is prone to an information disclosure vulnerability. A flaw is present in the application which is caused due to some unspecified error. Successful exploitation allows attackers to cause unknown impac ... |
