This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor: Opera Software
Product: Opera Web Browser
Version: 7.23
Type: Application
First view: 2004-02-11
Last view: 2007-07-20
Update: *
Edition: *
Language: *
Software Edition: *
Target Software: *
Target Hardware: *
Other: *
 
CPE Product cpe:2.3:a:opera_software:opera_web_browser

Activity : Overall

Related : CVE

CVSS Date Alert Description
9.3 2007-07-20 CVE-2007-3929

Use-after-free vulnerability in the BitTorrent support in Opera before 9.22 allows user-assisted remote attackers to execute arbitrary code via a crafted header in a torrent file, which leaves a dangling pointer to an invalid object.

9.3 2007-05-22 CVE-2007-2809

Buffer overflow in the transfer manager in Opera before 9.21 for Windows allows user-assisted remote attackers to execute arbitrary code via a crafted torrent file. NOTE: due to the lack of details, it is not clear if this is the same issue as CVE-2007-2274.

5 2006-06-30 CVE-2006-3331

Opera before 9.0 does not reset the SSL security bar after displaying a download dialog from an SSL-enabled website, which allows remote attackers to spoof a trusted SSL certificate from an untrusted website and facilitates phishing attacks.

7.5 2006-06-23 CVE-2006-3198

Integer overflow in Opera 8.54 and earlier allows remote attackers to execute arbitrary code via a JPEG image with large height and width values, which causes less memory to be allocated than intended.

5 2005-12-13 CVE-2005-4210

Opera before 8.51, when running on Windows with Input Method Editor (IME) installed, allows remote attackers to cause a denial of service (persistent application crash) by bookmarking a site with a long title.

10 2005-09-26 CVE-2005-3059

Multiple unspecified vulnerabilities in Opera 8.50 on Linux and Windows have unknown impact and attack vectors, related to (1) "handling of must-revalidate cache directive for HTTPS pages" or (2) a "display issue with cookie comment encoding."

2.6 2005-07-13 CVE-2005-2273

Opera 7.x and 8 before 8.01 does not clearly associate a Javascript dialog box with the web page that generated it, which allows remote attackers to spoof a dialog box from a trusted site and facilitates phishing attacks, aka the "Dialog Origin Spoofing Vulnerability."

5 2005-01-12 CVE-2005-0456

Opera 7.54 and earlier does not properly validate base64 encoded binary data in a data: (RFC 2397) URL, which causes the URL to be obscured in a download dialog, which may allow remote attackers to trick users into executing arbitrary code.

5 2005-01-10 CVE-2004-1201

Opera 7.54 allows remote attackers to cause a denial of service (application crash from memory exhaustion), as demonstrated using Javascript code that continuously creates nested arrays and then sorts the newly created arrays.

5 2004-12-31 CVE-2004-2570

Opera before 7.54 allows remote attackers to modify properties and methods of the location object and execute Javascript to read arbitrary files from the client's local filesystem or display a false URL to the user.

5 2004-12-31 CVE-2004-2260

Opera Browser 7.23, and other versions before 7.50, updates the address bar as soon as the user clicks a link, which allows remote attackers to redirect to other sites via the onUnload attribute.

5 2004-12-31 CVE-2004-1810

The Javascript engine in Opera 7.23 allows remote attackers to cause a denial of service (crash) by creating a new Array object with a large size value, then writing into that array.

2.6 2004-12-31 CVE-2004-1490

Opera 7.54 and earlier allows remote attackers to spoof file types in the download dialog via dots and non-breaking spaces (ASCII character code 160) in the (1) Content-Disposition or (2) Content-Type headers.

2.6 2004-12-31 CVE-2004-1489

Opera 7.54 and earlier does not properly limit an applet's access to internal Java packages from Sun, which allows remote attackers to gain sensitive information, such as user names and the installation directory.

2.6 2004-10-18 CVE-2004-1615

Opera allows remote attackers to cause a denial of service (invalid memory reference and application crash) via a web page or HTML email that contains a TBODY tag with a large COL SPAN value, as demonstrated by mangleme.

5 2004-08-06 CVE-2004-0537

Opera 7.50 and earlier allows remote web sites to provide a "Shortcut Icon" (favicon) that is wider than expected, which could allow the web sites to spoof a trusted domain and facilitate phishing attacks using a wide icon and extra spaces.

7.5 2004-04-15 CVE-2003-0593

Opera allows remote attackers to bypass intended cookie access restrictions on a web application via "%2e%2e" (encoded dot dot) directory traversal sequences in a URL, which causes Opera to send the cookie outside the specified URL subsets, e.g. to a vulnerable application that runs on the same server as the target application.

2.6 2004-02-11 CVE-2004-2083

Opera Web Browser 7.0 through 7.23 allows remote attackers to trick users into executing a malicious file by embedding a CLSID in the file name, which causes the malicious file to appear as a trusted file type, aka "File Download Extension Spoofing."

CWE : Common Weakness Enumeration

% id Name
100% (1) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer

CAPEC : Common Attack Pattern Enumeration & Classification

id Name
CAPEC-26 Leveraging Race Conditions
CAPEC-29 Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions

Open Source Vulnerability Database (OSVDB)

id Description
59439 Opera JavaScript Engine Array Handling DoS
38123 Opera BitTorrent File Header Parsing Use-after-free Arbitrary Code Execution
36229 Opera Transfer Manager Torrent File Handling Overflow
26960 Opera SSL Security Bar Trusted Certificate Spoofing
26787 Opera JPEG Processing Overflow
21641 Opera Bookmarked Page Title Overflow DoS
19740 Opera Cookie Comment Encoding Unspecified Issue
19739 Opera HTTPS must-revalidate Cache Directive Unspecified Issue
17397 Multiple Browser Javascript Dialog Origin Spoofing
12867 Opera data: URI Handler Application Spoofing
12291 Opera Download File Type Dialog Spoofing
12007 Opera sun.security.krb5.Credentials Java Class User Name Disclosure
11151 Multiple Browser Recursive Sorted Array Overflow DoS
11137 Opera TBODY Multiple COL SPAN Tag DoS
8331 Opera location Object Crafted URL Arbitrary Local File Access
6590 Opera favicon.ico Address Bar Spoofing
6108 Opera onUnload Address Bar Spoofing
4189 Opera Cookie Path Traversal
3917 Opera Browser File Download Extension Spoofing

OpenVAS Exploits

id Description
2008-09-24 Name : Gentoo Security Advisory GLSA 200408-05 (Opera)
File : nvt/glsa_200408_05.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200502-17 (Opera)
File : nvt/glsa_200502_17.nasl
2008-09-24 Name : Gentoo Security Advisory GLSA 200708-17 (opera)
File : nvt/glsa_200708_17.nasl
2008-09-04 Name : FreeBSD Ports: linux-opera, opera-devel, opera
File : nvt/freebsd_linux-opera7.nasl
2008-09-04 Name : FreeBSD Ports: opera, opera-devel, linux-opera
File : nvt/freebsd_opera.nasl
2008-09-04 Name : FreeBSD Ports: opera, opera-devel, linux-opera
File : nvt/freebsd_opera1.nasl
2008-09-04 Name : FreeBSD Ports: opera, opera-devel, linux-opera
File : nvt/freebsd_opera7.nasl
2005-11-03 Name : Opera web browser address bar spoofing weakness
File : nvt/opera_address_bar_spoofing.nasl
2005-11-03 Name : Opera web browser address bar spoofing weakness (2)
File : nvt/opera_favicon_address_bar_spoofing.nasl
2005-11-03 Name : Opera web browser file download extension spoofing
File : nvt/opera_file_download_extension_spoofing.nasl
2005-11-03 Name : Opera web browser large javaScript array handling vulnerability
File : nvt/opera_large_javascript_array_vuln.nasl
2005-11-03 Name : Opera remote location object cross-domain scripting vulnerability
File : nvt/opera_remote_location_object_flaw.nasl

Nessus® Vulnerability Scanner

id Description
2007-10-17 Name: The remote openSUSE host is missing a security update.
File: suse_opera-1699.nasl - Type: ACT_GATHER_INFO
2007-10-17 Name: The remote openSUSE host is missing a security update.
File: suse_opera-1697.nasl - Type: ACT_GATHER_INFO
2007-09-14 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-200708-17.nasl - Type: ACT_GATHER_INFO
2007-07-23 Name: The remote host contains a web browser that is affected by multiple issues.
File: opera_922.nasl - Type: ACT_GATHER_INFO
2007-07-23 Name: The remote FreeBSD host is missing one or more security-related updates.
File: freebsd_pkg_12d266b6363f11dcb6c9000c6ec775d9.nasl - Type: ACT_GATHER_INFO
2007-05-21 Name: The remote host contains a web browser that is prone to a buffer overflow att...
File: opera_921.nasl - Type: ACT_GATHER_INFO
2007-02-18 Name: The remote host is missing a vendor-supplied security patch
File: suse_SA_2006_038.nasl - Type: ACT_GATHER_INFO
2006-06-30 Name: The remote host contains a web browser that is affected by multiple issues.
File: opera_900.nasl - Type: ACT_GATHER_INFO
2005-10-05 Name: The remote Mandrake Linux host is missing one or more security updates.
File: mandrake_MDKSA-2005-128.nasl - Type: ACT_GATHER_INFO
2005-09-13 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-810.nasl - Type: ACT_GATHER_INFO
2005-08-23 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-779.nasl - Type: ACT_GATHER_INFO
2005-07-20 Name: The remote host is missing a vendor-supplied security patch
File: suse_SA_2005_031.nasl - Type: ACT_GATHER_INFO
2005-07-13 Name: The remote FreeBSD host is missing one or more security-related updates.
File: freebsd_pkg_20c9bb1481e611d9a9e70001020eed82.nasl - Type: ACT_GATHER_INFO
2005-02-15 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-200502-17.nasl - Type: ACT_GATHER_INFO
2004-08-30 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-200408-05.nasl - Type: ACT_GATHER_INFO
2004-08-23 Name: The remote host has an application that is affected by an information disclos...
File: opera_resource_detection.nasl - Type: ACT_GATHER_INFO
2004-08-12 Name: The remote host contains a web browser that is affected by multiple flaws.
File: opera_remote_location_object_flaw.nasl - Type: ACT_GATHER_INFO
2004-08-10 Name: An installed browser is vulnerable to a denial of service attack.
File: opera_large_javascript_array_vuln.nasl - Type: ACT_GATHER_INFO
2004-08-10 Name: Arbitrary code might be run on the remote host.
File: opera_file_download_extension_spoofing.nasl - Type: ACT_GATHER_INFO
2004-08-10 Name: The remote host contains a web browser that is vulnerable to address bar spoo...
File: opera_favicon_address_bar_spoofing.nasl - Type: ACT_GATHER_INFO
2004-08-10 Name: An installed browser is vulnerable to address bar spoofing.
File: opera_address_bar_spoofing.nasl - Type: ACT_GATHER_INFO