Opera 7.54 and earlier does not properly limit an applet's access to internal Java packages from Sun, which allows remote attackers to gain sensitive information, such as user names and the installation directory.

CVE-2004-1489

Opera 7.51 for Windows and 7.50 for Linux does not properly prevent a frame in one domain from injecting content into a frame that belongs to another domain, which facilitates web site spoofing and other attacks, aka the frame injection vulnerability.

The Secunia Research team from Flexera is comprised of a number of security specialists who—in addition to testing, verifying, and validating public vulnerability reports—conduct their own vulnerability research in various products. Since the founding of the Secunia Research team in 2002, it has been our goal to be provide the most accurate and reliable source of vulnerability intelligence.

Delivering the world’s best vulnerability intelligence requires skill and passion. The members of our team continually develop their skills exploring various high-profile closed and open source software using a variety of approaches, focusing chiefly on thorough code audits and binary analysis.   In 2019 a member of our team was recognized by Microsoft’s Most Valuable Security Researchers list.

This enables Secunia researchers to discover hard-to-find vulnerabilities that are not normally identified via techniques such as fuzzing, and the approach has been effective. Members of the Secunia Research team have discovered critical vulnerabilities in products from vendors including Microsoft, Symantec, IBM, Adobe, RealNetworks, Trend Micro, HP, Blue Coat, Samba, CA, Mozilla, and Apple.

The team produces invaluable security advisories based upon the research of the vulnerabilities affecting any given software update. Sometimes a single update can address multiple vulnerabilities of varying criticalities and threats; but these advisories aggregate and distill findings down to a single advisory perfect for the prioritization of patch efforts. In these advisories, criticality scores are consistently applied along with details around attack vector and other valuable details. Illegitimate vulnerability reports are also investigated and rejected so you can focus only on what truly matters.

**Related links**

*   Software Vulnerability Research
    
*   Software Vulnerability Research - Secunia Data
    
*   Software Vulnerability Manager
    
*   Security advisories from Secunia Research
    
*   Anatomy of a security advisory
    
*   Vulnerability Disclosure Policy
    
*   Support
    

Informing IT, Transforming IT

**Industry insights to help keep you informed**

CVE-2004-0717: About Secunia Research | Flexera

Opera Web Browser 7.0 through 7.23 allows remote attackers to trick users into executing a malicious file by embedding a CLSID in the file name, which causes the malicious file to appear as a trusted file type, aka "File Download Extension Spoofing."

Tag

#apple