Skip to main content

Opera Browser CVE-2012-1927

MEDIUM
Improper Input Validation (CWE-20)
2012-03-28 cve@mitre.org
6.4
CVSS 2.0 · NVD
Share

Severity by source

NVD PRIMARY
6.4 MEDIUM
AV:N/AC:L/Au:N/C:N/I:P/A:P

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

AV:N/AC:L/Au:N/C:N/I:P/A:P
Attack Vector
Network
Attack Complexity
Low
Confidentiality
None
Integrity
P
Availability
P

Lifecycle Timeline

1
CVE Published
Mar 28, 2012 - 03:22 cve.org
MEDIUM 6.4

DescriptionCVE.org

Opera before 11.62 allows remote attackers to spoof the address field by triggering the launch of a dialog window associated with a different domain.

AnalysisAI

Opera before 11.62 allows remote attackers to spoof the address field by triggering the launch of a dialog window associated with a different domain. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified under CWE-20. Opera before 11.62 allows remote attackers to spoof the address field by triggering the launch of a dialog window associated with a different domain. Affected products include: Opera Opera Browser. Version information: before 11.62.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2012-6470 CRITICAL POC
9.3 Jan 02

Opera before 12.12 does not properly allocate memory for GIF images, which allows remote attackers to execute arbitrary

CVE-2013-1638 CRITICAL POC
9.3 Feb 08

Opera before 12.13 allows remote attackers to execute arbitrary code via crafted clipPaths in an SVG document. Rated cri

CVE-2012-3561 CRITICAL
10.0 Jun 14

Opera before 11.64 does not properly allocate memory for URL strings, which allows remote attackers to execute arbitrary

CVE-2012-6468 CRITICAL
9.3 Jan 02

Heap-based buffer overflow in Opera before 12.11 allows remote attackers to execute arbitrary code or cause a denial of

CVE-2013-1637 CRITICAL
9.3 Feb 08

Opera before 12.13 allows remote attackers to execute arbitrary code via vectors involving DOM events. Rated critical se

CVE-2016-4075 MEDIUM POC
6.1 Apr 21

Opera Mini 13 and Opera Stable 36 allow remote attackers to spoof the displayed URL via a crafted HTML document, related

CVE-2013-3211 CRITICAL
10.0 Apr 19

Unspecified vulnerability in Opera before 12.15 has unknown impact and attack vectors, related to a "moderately severe i

CVE-2012-4145 CRITICAL
10.0 Aug 06

Unspecified vulnerability in Opera before 12.01 on Windows and UNIX, and before 11.66 and 12.x before 12.01 on Mac OS X,

CVE-2012-3559 CRITICAL
10.0 Jun 14

Unspecified vulnerability in Opera before 12.00 on Mac OS X has unknown impact and attack vectors, related to a "moderat

CVE-2012-6465 CRITICAL
9.3 Jan 02

Opera before 12.10 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) vi

CVE-2012-3556 CRITICAL
9.3 Jun 14

Opera before 11.65 does not properly restrict the opening of a pop-up window in response to the first click of a double-

CVE-2012-1003 MEDIUM POC
5.0 Feb 07

Multiple integer overflows in Opera 11.60 and earlier allow remote attackers to cause a denial of service (application c

Share

CVE-2012-1927 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy