cpe:2.3:a:opera:opera:9.0:beta_2:*:*:*:*:*:*
Untrusted search path vulnerability in Opera before 10.62 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory, as demonstrated by a directory that contains a .htm, .mht, .mhtml, .xht, .xhtm, or .xhtl file. NOTE: some of these details are obtained from third party information.
Max CVSS
6.9
EPSS Score
0.05%
Published
2012-09-07
Updated
2012-09-07
The HTML parsing engine in Opera before 9.63 allows remote attackers to execute arbitrary code via crafted web pages that trigger an invalid pointer calculation and heap corruption.
Max CVSS
9.3
EPSS Score
3.83%
Published
2008-12-19
Updated
2018-10-11
The links panel in Opera before 9.62 processes Javascript within the context of the "outermost page" of a frame, which allows remote attackers to inject arbitrary web script or HTML via cross-site scripting (XSS) attacks.
Max CVSS
4.3
EPSS Score
34.43%
Published
2008-10-30
Updated
2017-08-08
Opera before 9.62 allows remote attackers to execute arbitrary commands via the History Search results page, a different vulnerability than CVE-2008-4696.
Max CVSS
9.3
EPSS Score
10.55%
Published
2008-10-30
Updated
2017-08-08

CVE-2008-4696

Public exploit
Cross-site scripting (XSS) vulnerability in Opera.dll in Opera before 9.61 allows remote attackers to inject arbitrary web script or HTML via the anchor identifier (aka the "optional fragment"), which is not properly escaped before storage in the History Search database (aka md.dat).
Max CVSS
4.3
EPSS Score
85.75%
Published
2008-10-23
Updated
2018-10-11
Opera before 9.60 allows remote attackers to obtain sensitive information and have unspecified other impact by predicting the cache pathname of a cached Java applet and then launching this applet from the cache, leading to applet execution within the local-machine context.
Max CVSS
9.3
EPSS Score
11.04%
Published
2008-10-23
Updated
2017-08-08
Unspecified vulnerability in Opera before 9.52 on Windows, when registered as a protocol handler, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors in which Opera is launched by other applications.
Max CVSS
10.0
EPSS Score
8.06%
Published
2008-09-27
Updated
2017-08-08
Unspecified vulnerability in Opera before 9.51 on Windows allows attackers to execute arbitrary code via unknown vectors.
Max CVSS
10.0
EPSS Score
0.61%
Published
2008-07-09
Updated
2017-08-08
Unspecified vulnerability in Opera before 9.27 has unknown impact and attack vectors related to "keyboard handling of password inputs."
Max CVSS
9.3
EPSS Score
0.67%
Published
2008-04-12
Updated
2017-08-08
Opera before 9.27 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted newsfeed source, which triggers an invalid memory access.
Max CVSS
9.3
EPSS Score
2.12%
Published
2008-04-12
Updated
2017-08-08
10 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!