The CAF demuxer in modules/demux/caf.c in VideoLAN VLC media player 3.0.4 may read memory from an uninitialized pointer when processing magic cookies in CAF files, because a ReadKukiChunk cast converts a return value to an unsigned int even if that value is negative. This could result in a denial of service and/or a potential infoleak.
The host is installed with Opera Browser before 11.62 and is prone to arbitrary code execution vulnerability. A flaw is present in the application, which fails to ensure small windows. Successful exploitation allows user-assisted remote attackers to trick users into downloading and executing arbitrary files via a small window for the download dialog.
The host is installed with Opera Browser before 11.62 and is prone to arbitrary code execution vulnerability. A flaw is present in the application, which fails to ensure small windows. Successful exploitation allows user-assisted remote attackers to trick users into downloading and executing arbitrary files via a small window for the download dialog.
The host is installed with Opera Browser before 11.62 and is prone to arbitrary code execution vulnerability. A flaw is present in the application, which fails to ensure that a dialog window is placed on top of content windows. Successful exploitation allows remote attackers to trick users into downloading and executing arbitrary files via a download dialog located under other windows.
The host is installed with Opera Browser before 11.62 and is prone to arbitrary code execution vulnerability. A flaw is present in the application, which fails to ensure that a dialog window is placed on top of content windows. Successful exploitation allows remote attackers to trick users into downloading and executing arbitrary files via a download dialog located under other windows.
The host is installed with Opera Browser before 11.62 and is prone to Same Origin Policy bypass vulnerability. A flaw is present in the application, which fails to handle history.pushState and history.replaceState functions in conjunction with cross-domain frames. Successful exploitation allows emote attackers to gain unintended read access to history.state information.
The host is installed with Opera Browser before 11.62 and is prone to Same Origin Policy bypass vulnerability. A flaw is present in the application, which fails to handle history.pushState and history.replaceState functions in conjunction with cross-domain frames. Successful exploitation allows emote attackers to gain unintended read access to history.state information.
The host is installed with Opera Browser before 11.62 and is prone to address spoofing vulnerability. A flaw is present in the application, which fails to properly handle the Web page dialogs. Successful exploitation allows remote attackers to spoof the address field by triggering the launch of a dialog window associated with a different domain.
The host is installed with Opera Browser before 11.62 and is prone to address spoofing vulnerability. A flaw is present in the application, which fails to properly handle the Web page dialogs. Successful exploitation allows remote attackers to spoof the address field by triggering the launch of a dialog window associated with a different domain.