Opera Software: Security Vulnerabilities
Opera, when configured with the "Determine action by MIME type" option disabled, interprets an object as an HTML document even when its MIME Content-Type is text/plain, which could allow remote attackers to execute arbitrary script in documents that the user does not expect, possibly through web applications that use a text/plain type to prevent cross-site scripting attacks.
CVSS Score
4.3
EPSS Score
0.003
Published
2002-05-29
Opera 5.11 allows remote attackers to cause a denial of service (CPU consumption and memory leak) via a web page with a large number of images.
CVSS Score
5.0
EPSS Score
0.047
Published
2001-12-31
Opera 6.0 and earlier allows remote attackers to access sensitive information such as cookies and links for other domains via Javascript that uses setTimeout to (1) access data after a new window to the domain has been opened or (2) access data via about:cache.
CVSS Score
5.0
EPSS Score
0.039
Published
2001-11-15
Opera 5.0 for Linux does not properly handle malformed HTTP headers, which allows remote attackers to cause a denial of service, possibly with a header whose value is the same as a MIME header name.
CVSS Score
5.0
EPSS Score
0.011
Published
2001-07-09
Opera 3.2.1 allows remote attackers to cause a denial of service (application crash) via a URL that contains an extra / in the http:// tag.
CVSS Score
5.0
EPSS Score
0.007
Published
1998-08-14
Page 2