|
300991
|
- |
|
opera
|
opera_browser
|
Opera before 10.63 allows user-assisted remote web servers to cause a denial of service (application crash) by sending a redirect during the saving of a file.
|
CWE-20
Improper Input Validation
|
CVE-2010-4048
|
2024-11-21 10:20 |
2010-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300992
|
- |
|
opera
|
opera_browser
|
Opera before 10.63 does not properly select the security context of JavaScript code associated with an error page, which allows user-assisted remote attackers to conduct cross-site scripting (XSS) at…
|
CWE-79
Cross-site Scripting
|
CVE-2010-4047
|
2024-11-21 10:20 |
2010-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300993
|
- |
|
opera
|
opera_browser
|
Opera before 10.63 does not properly verify the origin of video content, which allows remote attackers to obtain sensitive information by using a video stream as HTML5 canvas content.
|
CWE-200
Information Exposure
|
CVE-2010-4046
|
2024-11-21 10:20 |
2010-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300994
|
- |
|
opera
|
opera_browser
|
Opera before 10.63 does not properly restrict web script in unspecified circumstances involving reloads and redirects, which allows remote attackers to spoof the Address Bar, conduct cross-site scrip…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-4045
|
2024-11-21 10:20 |
2010-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300995
|
- |
|
opera
|
opera_browser
|
Opera before 10.63 does not ensure that the portion of a URL shown in the Address Bar contains the beginning of the URL, which allows remote attackers to spoof URLs by changing a window's size.
|
CWE-20
Improper Input Validation
|
CVE-2010-4044
|
2024-11-21 10:20 |
2010-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300996
|
- |
|
opera
|
opera_browser
|
Opera before 10.63 does not prevent interpretation of a cross-origin document as a CSS stylesheet when the document lacks a CSS token sequence, which allows remote attackers to obtain sensitive infor…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2010-4043
|
2024-11-21 10:20 |
2010-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300997
|
9.8 |
CRITICAL
Network
|
google
opensuse
|
chrome
opensuse
|
Google Chrome before 7.0.517.41 does not properly handle element maps, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to "sta…
|
CWE-20
Improper Input Validation
|
CVE-2010-4042
|
2024-11-21 10:20 |
2010-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300998
|
9.8 |
CRITICAL
Network
|
google
|
chrome
|
The sandbox implementation in Google Chrome before 7.0.517.41 on Linux does not properly constrain worker processes, which might allow remote attackers to bypass intended access restrictions via unsp…
|
NVD-CWE-noinfo
|
CVE-2010-4041
|
2024-11-21 10:20 |
2010-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
300999
|
7.8 |
HIGH
Local
|
google
debian
opensuse
|
chrome
debian_linux
opensuse
|
Google Chrome before 7.0.517.41 does not properly handle animated GIF images, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact …
|
CWE-20
Improper Input Validation
|
CVE-2010-4040
|
2024-11-21 10:20 |
2010-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
301000
|
9.8 |
CRITICAL
Network
|
google
|
chrome
|
Google Chrome before 7.0.517.41 on Linux does not properly set the PATH environment variable, which has unspecified impact and attack vectors.
|
NVD-CWE-noinfo
|
CVE-2010-4039
|
2024-11-21 10:20 |
2010-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
