Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:a:opera:opera_browser:2.10:beta1:*:*:*:*:*:*
  • CPE Name Search: true
There are 143 matching records.
Displaying matches 141 through 143.
Vuln ID Summary CVSS Severity

The Javascript SVG support in Opera before 9.10 does not properly validate object types in a createSVGTransformFromMatrix request, which allows remote attackers to execute arbitrary code via JavaScript code that uses an invalid object in this request that causes a controlled pointer to be referenced during the virtual function call.

Published: January 08, 2007; 9:28:00 PM -0500
V3.x:(not available)
V2.0: 9.3 HIGH

Integer signedness error in Opera before 8.54 allows remote attackers to execute arbitrary code via long values in a stylesheet attribute, which pass a length check. NOTE: a sign extension problem makes the attack easier with shorter strings.

Published: April 19, 2006; 12:06:00 PM -0400
V3.x:(not available)
V2.0: 5.1 MEDIUM

The mail client in Opera before 8.50 opens attached files from the user's cache directory without warning the user, which might allow remote attackers to inject arbitrary web script and spoof attachment filenames.

Published: September 21, 2005; 4:03:00 PM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM