CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Opera : Security Vulnerabilities (Denial Of Service)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2012-6470 119 DoS Exec Code Overflow 2013-01-02 2013-01-02
9.3
None Remote Medium Not required Complete Complete Complete
Opera before 12.12 does not properly allocate memory for GIF images, which allows remote attackers to execute arbitrary code or cause a denial of service (memory overwrite) via a malformed image.
2 CVE-2012-6468 119 DoS Exec Code Overflow Mem. Corr. 2013-01-02 2013-01-02
9.3
None Remote Medium Not required Complete Complete Complete
Heap-based buffer overflow in Opera before 12.11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a long HTTP response.
3 CVE-2012-6465 94 DoS Exec Code 2013-01-02 2013-01-02
9.3
None Remote Medium Not required Complete Complete Complete
Opera before 12.10 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a malformed SVG image.
4 CVE-2012-4146 119 DoS Overflow 2012-08-06 2012-08-07
4.3
None Remote Medium Not required None None Partial
Opera before 12.01 allows remote attackers to cause a denial of service (application crash) via a crafted web site, as demonstrated by the Lenovo "Shop now" page.
5 CVE-2012-3568 DoS 2012-06-14 2012-08-16
5.0
None Remote Low Not required None None Partial
Opera before 12.00 Beta allows remote attackers to cause a denial of service (application crash) via crafted WebGL content, as demonstrated by a codeflow.org WebGL demo.
6 CVE-2012-3567 DoS 2012-06-14 2012-08-16
5.0
None Remote Low Not required None None Partial
Opera before 12.00 Beta allows remote attackers to cause a denial of service (memory consumption or application hang) via an IFRAME element that uses the src="#" syntax to embed a parent document.
7 CVE-2012-3566 DoS 2012-06-14 2012-08-16
4.3
None Remote Medium Not required None None Partial
Opera before 12.00 Beta allows user-assisted remote attackers to cause a denial of service (application hang) via JavaScript code that changes a form before submission.
8 CVE-2012-3565 DoS 2012-06-14 2012-08-16
5.0
None Remote Low Not required None None Partial
Opera before 12.00 Beta allows remote attackers to cause a denial of service (application crash) via crafted characters in domain names, as demonstrated by "IDNA2008 tests."
9 CVE-2012-3564 DoS Overflow 2012-06-14 2012-08-16
5.0
None Remote Low Not required None None Partial
Opera before 12.00 Beta allows remote attackers to cause a denial of service (application hang) via an absolutely positioned wrap=off TEXTAREA element located next to an "overflow: auto" block element.
10 CVE-2012-3563 DoS 2012-06-14 2012-08-16
5.0
None Remote Low Not required None None Partial
Opera before 12.00 Beta allows remote attackers to cause a denial of service (application crash) via a web page that contains invalid character encodings.
11 CVE-2012-3562 DoS 2012-06-14 2012-08-16
4.3
None Remote Medium Not required None None Partial
Opera before 12.00 Beta allows user-assisted remote attackers to cause a denial of service (application crash) via a crafted web page that is not properly handled during a reload, as demonstrated by a "multiple origin camera test" page.
12 CVE-2012-3561 119 DoS Exec Code Overflow Mem. Corr. 2012-06-14 2012-08-13
10.0
None Remote Low Not required Complete Complete Complete
Opera before 11.64 does not properly allocate memory for URL strings, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted string.
13 CVE-2012-1003 189 DoS Overflow 2012-02-06 2012-02-13
5.0
None Remote Low Not required None None Partial
Multiple integer overflows in Opera 11.60 and earlier allow remote attackers to cause a denial of service (application crash) via a large integer argument to the (1) Int32Array, (2) Float32Array, (3) Float64Array, (4) Uint32Array, (5) Int16Array, or (6) ArrayBuffer function. NOTE: the vendor reportedly characterizes this as "a stability issue, not a security issue."
14 CVE-2011-4687 399 DoS 2011-12-07 2012-03-06
5.0
None Remote Low Not required None None Partial
Opera before 11.60 allows remote attackers to cause a denial of service (CPU and memory consumption) via unspecified content on a web page, as demonstrated by a page under the cisco.com home page.
15 CVE-2011-4686 DoS 2011-12-07 2012-03-06
5.0
None Remote Low Not required None None Partial
Unspecified vulnerability in the Web Workers implementation in Opera before 11.60 allows remote attackers to cause a denial of service (application crash) via unknown vectors.
16 CVE-2011-4685 20 DoS 2011-12-07 2012-03-06
5.0
None Remote Low Not required None None Partial
Dragonfly in Opera before 11.60 allows remote attackers to cause a denial of service (application crash) via unspecified content on a web page, as demonstrated by forbes.com.
17 CVE-2011-2641 399 1 DoS 2011-07-01 2011-07-05
5.0
None Remote Low Not required None None Partial
Opera 11.11 allows remote attackers to cause a denial of service (application crash) by setting the FACE attribute of a FONT element within an IFRAME element after changing the SRC attribute of this IFRAME element to an about:blank value.
18 CVE-2011-2640 399 DoS 2011-07-01 2011-09-06
5.0
None Remote Low Not required None None Partial
Opera before 11.10 allows remote attackers to cause a denial of service (application crash) via an HTML document that has an empty parameter value for an embedded Java applet.
19 CVE-2011-2639 399 DoS 2011-07-01 2011-07-05
5.0
None Remote Low Not required None None Partial
Opera before 11.10 does not properly handle hidden animated GIF images, which allows remote attackers to cause a denial of service (CPU consumption) via an image file that triggers continual repaints.
20 CVE-2011-2638 DoS 2011-07-01 2011-07-06
5.0
None Remote Low Not required None None Partial
Unspecified vulnerability in Opera before 11.10 allows remote attackers to cause a denial of service (application crash) via unknown content on a web page, as demonstrated by games on zylom.com.
21 CVE-2011-2637 DoS 2011-07-01 2011-07-06
5.0
None Remote Low Not required None None Partial
Unspecified vulnerability in Opera before 11.10 allows remote attackers to cause a denial of service (application crash) via unknown content on a web page, as demonstrated by futura-sciences.com, seoptimise.com, and mitosyfraudes.org.
22 CVE-2011-2636 DoS 2011-07-01 2011-07-06
5.0
None Remote Low Not required None None Partial
Unspecified vulnerability in Opera before 11.10 allows remote attackers to cause a denial of service (application crash) via unknown content on a web page, as demonstrated by a certain Tomato Firmware page.
23 CVE-2011-2635 399 DoS 2011-07-01 2011-07-06
5.0
None Remote Low Not required None None Partial
The Cascading Style Sheets (CSS) implementation in Opera before 11.10 allows remote attackers to cause a denial of service (application crash) via vectors involving use of the :hover pseudo-class, in conjunction with transforms, for a floated element.
24 CVE-2011-2633 DoS 2011-07-01 2011-07-08
5.0
None Remote Low Not required None None Partial
Unspecified vulnerability in Opera before 11.11 allows remote attackers to cause a denial of service (application crash) via vectors involving a Certificate Revocation List (CRL) file, as demonstrated by the multicert-ca-02.crl file.
25 CVE-2011-2632 20 DoS 2011-07-01 2011-07-08
5.0
None Remote Low Not required None None Partial
Opera before 11.11 does not properly handle destruction of a Silverlight instance, which allows remote attackers to cause a denial of service (application crash) via a web page, as demonstrated by vod.onet.pl.
26 CVE-2011-2631 20 DoS 2011-07-01 2011-07-08
5.0
None Remote Low Not required None None Partial
The Cascading Style Sheets (CSS) implementation in Opera before 11.11 does not properly handle the column-count property, which allows remote attackers to cause a denial of service (infinite repaint loop and application hang) via a web page, as demonstrated by an unspecified Wikipedia page.
27 CVE-2011-2630 20 DoS 2011-07-01 2011-07-08
4.3
None Remote Medium Not required None None Partial
Opera before 11.11 allows user-assisted remote attackers to cause a denial of service (application crash) via a crafted web page that is not properly handled during a reload occurring after the opening of a popup of the Easy Sticky Note extension.
28 CVE-2011-2629 DoS 2011-07-01 2011-07-08
5.0
None Remote Low Not required None None Partial
Unspecified vulnerability in Opera before 11.11 allows remote attackers to cause a denial of service (application crash) via unknown content on a web page, as demonstrated by www.falk.de.
29 CVE-2011-2628 20 DoS Exec Code Mem. Corr. 2011-07-01 2012-02-13
10.0
None Remote Low Not required Complete Complete Complete
Opera before 11.11 does not properly implement FRAMESET elements, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via vectors related to page unload.
30 CVE-2011-2627 DoS 2011-07-01 2011-07-08
5.0
None Remote Low Not required None None Partial
Unspecified vulnerability in the DOM implementation in Opera before 11.50 allows remote attackers to cause a denial of service (application crash) via unknown content on a web page, as demonstrated by live.com.
31 CVE-2011-2626 399 DoS 2011-07-01 2011-07-08
5.0
None Remote Low Not required None None Partial
Opera before 11.50 allows remote attackers to cause a denial of service (application crash) by using "injected script" to set the SRC attribute of an IFRAME element.
32 CVE-2011-2625 399 DoS 2011-07-01 2011-07-08
5.0
None Remote Low Not required None None Partial
Opera before 11.50 allows remote attackers to cause a denial of service (application crash) via a SELECT element that contains many OPTION elements.
33 CVE-2011-2624 399 DoS 2011-07-01 2011-07-08
4.3
None Remote Medium Not required None None Partial
Opera before 11.50 allows user-assisted remote attackers to cause a denial of service (application hang) via a large table, which is not properly handled during a print preview.
34 CVE-2011-2623 DoS 2011-07-01 2011-07-08
5.0
None Remote Low Not required None None Partial
Unspecified vulnerability in the SVG BiDi implementation in Opera before 11.50 allows remote attackers to cause a denial of service (application crash or hang) via unknown vectors.
35 CVE-2011-2622 DoS 2011-07-01 2011-07-08
5.0
None Remote Low Not required None None Partial
Unspecified vulnerability in the Web Workers implementation in Opera before 11.50 allows remote attackers to cause a denial of service (application crash) via unknown vectors.
36 CVE-2011-2621 DoS 2011-07-01 2011-07-11
5.0
None Remote Low Not required None None Partial
Unspecified vulnerability in Opera before 11.50 allows remote attackers to cause a denial of service (application crash) via vectors related to form layout.
37 CVE-2011-2620 DoS 2011-07-01 2011-07-11
5.0
None Remote Low Not required None None Partial
Unspecified vulnerability in Opera before 11.50 allows remote attackers to cause a denial of service (application crash) via vectors involving SVG animation.
38 CVE-2011-2619 399 DoS 2011-07-01 2011-07-11
5.0
None Remote Low Not required None None Partial
Opera before 11.50 allows remote attackers to cause a denial of service (application crash) via a gradient with many stops, related to the implementation of CANVAS elements, SVG, and Cascading Style Sheets (CSS).
39 CVE-2011-2618 399 DoS 2011-07-01 2011-07-11
5.0
None Remote Low Not required None None Partial
Opera before 11.50 allows remote attackers to cause a denial of service (application crash) via web script that moves a (1) AUDIO element or (2) VIDEO element between windows.
40 CVE-2011-2617 DoS 2011-07-01 2011-07-11
5.0
None Remote Low Not required None None Partial
Unspecified vulnerability in Opera before 11.50 allows remote attackers to cause a denial of service (application crash) via vectors related to selecting a text node, and closed pop-up windows, removed pop-up windows, and IFRAME elements.
41 CVE-2011-2616 DoS 2011-07-01 2011-07-11
5.0
None Remote Low Not required None None Partial
Unspecified vulnerability in Opera before 11.50 allows remote attackers to cause a denial of service (memory consumption) via unknown content on a web page, as demonstrated by test262.ecmascript.org.
42 CVE-2011-2615 DoS 2011-07-01 2011-07-11
5.0
None Remote Low Not required None None Partial
Unspecified vulnerability in Opera before 11.50 allows remote attackers to cause a denial of service (application hang) via unknown content on a web page, as demonstrated by domiteca.com.
43 CVE-2011-2614 399 DoS 2011-07-01 2011-07-11
5.0
None Remote Low Not required None None Partial
The SVG implementation in Opera before 11.50 allows remote attackers to cause a denial of service (application crash) via vectors involving a path on which many characters are drawn.
44 CVE-2011-2613 399 DoS 2011-07-01 2011-07-11
5.0
None Remote Low Not required None None Partial
The Array.prototype.join method in Opera before 11.50 allows remote attackers to cause a denial of service (application crash) via a non-array object that contains initial holes.
45 CVE-2011-2612 DoS 2011-07-01 2011-07-11
5.0
None Remote Low Not required None None Partial
Unspecified vulnerability in Opera before 11.50 allows remote attackers to cause a denial of service (application crash) via unknown content on a web page, as demonstrated by progorod.ru.
46 CVE-2011-2611 DoS 2011-07-01 2011-07-11
4.3
None Remote Medium Not required None None Partial
Unspecified vulnerability in the printing functionality in Opera before 11.50 allows user-assisted remote attackers to cause a denial of service (application crash) via a crafted web page.
47 CVE-2011-1824 20 DoS Exec Code 2011-05-10 2011-09-21
4.3
None Remote Medium Not required None None Partial
The VEGAOpBitmap::AddLine function in Opera before 10.61 does not properly initialize memory during processing of the SIZE attribute of a SELECT element, which allows remote attackers to trigger an invalid memory write operation, and consequently cause a denial of service (application crash) or possibly execute arbitrary code, via a large integer attribute value.
48 CVE-2011-1337 399 DoS 2011-07-01 2011-08-23
4.3
None Remote Medium Not required None None Partial
Opera before 11.50 allows remote attackers to cause a denial of service (disk consumption) via invalid URLs that trigger creation of error pages.
49 CVE-2011-0687 20 DoS 2011-01-31 2011-07-18
4.3
None Remote Medium Not required None None Partial
Opera before 11.01 does not properly implement Wireless Application Protocol (WAP) dropdown lists, which allows user-assisted remote attackers to cause a denial of service (application crash) via a crafted WAP document.
50 CVE-2011-0686 DoS 2011-01-31 2011-07-18
5.0
None Remote Low Not required None None Partial
Unspecified vulnerability in Opera before 11.01 allows remote attackers to cause a denial of service (application crash) via unknown content on a web page, as demonstrated by vkontakte.ru.
Total number of vulnerabilities : 76   Page : 1 (This Page)2
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.