Popis
Multiple vulnerabilities were found in Opera Malicious users can exploit these vulnerabilities to execute arbitrary code, spoof user interface, cause denial of service.
Below is a complete list of vulnerabilities:
- Cross-origin data leak vulnerability can be exploited to arbitrary code execution;
- Security UI vulnerability in full screen mode can be exploited remotely via a crafted web page to perform domain spoofing;
- URL spoof vulnerability in navigation can be exploited to arbitrary code execution;
- Out-of-bounds read vulnerability in PDFium can be exploited to arbitrary code execution;
- Unspecified vulnerability in libexpat can be exploited remotely via specially designed XML-file to obtain sensitive information;
- File download protection bypass vulnerability can be exploited to arbitrary code execution;
- Privilege elevation vulnerability in Installer can be exploited to arbitrary code execution;
- Use-after-free vulnerability in media can be exploited to arbitrary code execution;
- IDN spoof vulnerability can be exploited to arbitrary code execution;
- CSP bypass vulnerability can be exploited to arbitrary code execution;
- CSS injection vulnerability can be exploited to arbitrary code execution;
- Cross-context information leak vulnerability can be exploited to arbitrary code execution;
- Extension permission bypass vulnerability can be exploited to arbitrary code execution;
- Service worker state error vulnerability can be exploited to arbitrary code execution;
- Address bar spoofing vulnerability can be exploited to arbitrary code execution;
- Use after free vulnerability in content delivery manager can be exploited remotely via a crafted web page to potentially cause denial of service;
- File storage disclosure vulnerability can be exploited to arbitrary code execution;
- URL bar spoofing vulnerability can be exploited to arbitrary code execution;
- Buffer overrun vulnerability in Blink can be exploited to arbitrary code execution;
- HTTP authentication spoof vulnerability can be exploited to arbitrary code execution;
Oficiální doporučení
Vykořisťování
Public exploits exist for this vulnerability.
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
Související produkty
seznam CVE
- CVE-2019-13699 critical
- CVE-2019-13700 critical
- CVE-2019-13701 warning
- CVE-2019-13702 critical
- CVE-2019-13703 warning
- CVE-2019-13704 warning
- CVE-2019-13705 warning
- CVE-2019-13706 critical
- CVE-2019-13707 high
- CVE-2019-13708 warning
- CVE-2019-13709 high
- CVE-2019-13710 warning
- CVE-2019-13711 high
- CVE-2019-15903 critical
- CVE-2019-13713 high
- CVE-2019-13714 high
- CVE-2019-13715 warning
- CVE-2019-13716 warning
- CVE-2019-13717 warning
- CVE-2019-13718 warning
- CVE-2019-13719 warning
- CVE-2019-13765 high
Zobrazit více
Zjistěte statistiky zranitelností šířících se ve vaší oblasti statistics.securelist.com
Našli jste v popisu této chyby zabezpečení nepřesnost? Dej nám vědět!