Opera before 8.51 on Linux and Unix systems allows remote attackers to execute arbitrary code via shell metacharacters (backticks) in a URL that another product provides in a command line argument when launching Opera.
Max CVSS
7.5
EPSS Score
15.05%
Published
2005-11-22
Updated
2022-02-28
Multiple unspecified vulnerabilities in Opera 8.50 on Linux and Windows have unknown impact and attack vectors, related to (1) " handling of must-revalidate cache directive for HTTPS pages" or (2) a "display issue with cookie comment encoding."
Max CVSS
10.0
EPSS Score
0.41%
Published
2005-09-26
Updated
2022-02-28
The XMLHttpRequest object in Opera 8.0 Final Build 1095 allows remote attackers to bypass access restrictions and perform unauthorized actions on other domains via a redirect.
Max CVSS
7.5
EPSS Score
0.66%
Published
2005-06-16
Updated
2022-02-28
Opera 8 Beta 3, when using first-generation vetted digital certificates, displays the Organizational information of an SSL certificate, which is easily spoofed and can facilitate phishing attacks.
Max CVSS
7.5
EPSS Score
0.51%
Published
2005-04-14
Updated
2022-02-28
Opera 7.54 and earlier on Gentoo Linux uses an insecure path for plugins, which could allow local users to gain privileges by inserting malicious libraries into the PORTAGE_TMPDIR (portage) temporary directory.
Max CVSS
7.2
EPSS Score
0.04%
Published
2005-05-02
Updated
2022-02-28
The International Domain Name (IDN) support in Firefox 1.0, Camino .8.5, and Mozilla before 1.7.6 allows remote attackers to spoof domain names using punycode encoded domain names that are decoded in URLs and SSL certificates in a way that uses homograph characters from other character sets, which facilitates phishing attacks.
Max CVSS
7.5
EPSS Score
95.72%
Published
2005-02-08
Updated
2022-02-28
Opera 7.x up to 7.54, and possibly other versions, allows remote attackers to spoof arbitrary web sites by injecting content from one window into a target window whose name is known but resides in a different domain, as demonstrated using a pop-up window on a trusted web site, aka the "window injection" vulnerability.
Max CVSS
7.5
EPSS Score
1.17%
Published
2005-01-10
Updated
2022-02-28
7 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!