Search Results (Refine Search)
- CPE Product Version: cpe:/a:opera:opera_browser:10.00:alpha
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2010-3019 |
Heap-based buffer overflow in Opera before 10.61 allows remote attackers to execute arbitrary code or cause a denial of service (application crash or hang) via vectors related to HTML5 canvas painting operations that occur during the application of transformations. Published: August 16, 2010; 2:39:40 PM -0400 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2010-2576 |
Opera before 10.61 does not properly suppress clicks on download dialogs that became visible after a recent tab change, which allows remote attackers to conduct clickjacking attacks, and consequently execute arbitrary code, via vectors involving (1) closing a tab or (2) hiding a tab, a related issue to CVE-2005-2407. Published: August 16, 2010; 2:39:40 PM -0400 |
V3.x:(not available) V2.0: 6.8 MEDIUM |
CVE-2009-3048 |
Opera before 10.00 on Linux, Solaris, and FreeBSD does not properly implement the "INPUT TYPE=file" functionality, which allows remote attackers to trick a user into uploading an unintended file via vectors involving a "dropped file." Published: September 02, 2009; 1:30:01 PM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2009-3044 |
Opera before 10.00 does not properly handle a (1) '\0' character or (2) invalid wildcard character in a domain name in the subject's Common Name (CN) field of an X.509 certificate, which allows man-in-the-middle attackers to spoof arbitrary SSL servers via a crafted certificate issued by a legitimate Certification Authority. Published: September 02, 2009; 1:30:00 PM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |