Opera : Security Vulnerabilities, CVEs, Published In 2003
Opera, probably before 7.50, sends Referer headers containing https:// URLs in requests for http:// URLs, which allows remote attackers to obtain potentially sensitive information by reading Referer log data.
Max CVSS
4.3
EPSS Score
0.26%
Published
2003-12-31
Updated
2009-01-29
Cross-site scripting (XSS) vulnerability in Opera 6.0 through 7.0 with automatic redirection disabled allows remote attackers to inject arbitrary web script or HTML via the HTTP Location header.
Max CVSS
4.3
EPSS Score
0.18%
Published
2003-12-31
Updated
2022-02-24
The PluginContext object of Opera 6.05 and 7.0 allows remote attackers to cause a denial of service (crash) via an HTTP request containing a long string that gets passed to the ShowDocument method.
Max CVSS
4.3
EPSS Score
0.30%
Published
2003-12-31
Updated
2022-03-01
Heap-based buffer overflow in Opera 6.05 through 7.10 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a filename with a long extension.
Max CVSS
6.8
EPSS Score
0.56%
Published
2003-12-31
Updated
2022-03-01
Buffer overflow in Opera 7.02 Build 2668 allows remote attackers to crash Opera via a long HTTP request ending in a .ZIP extension.
Max CVSS
9.3
EPSS Score
0.37%
Published
2003-12-31
Updated
2022-03-01
Buffer overflow in Opera 6.05 and 6.06, and possibly other versions, allows remote attackers to execute arbitrary code via a URL with a long username.
Max CVSS
7.5
EPSS Score
4.01%
Published
2003-12-31
Updated
2022-03-01
Heap-based buffer overflow in Opera 7.11 and 7.20 allows remote attackers to execute arbitrary code via an HREF with a large number of escaped characters in the server name.
Max CVSS
7.5
EPSS Score
4.81%
Published
2003-11-17
Updated
2022-03-01
7 vulnerabilities found