Skip to main content

Opera Browser CVE-2012-6461

MEDIUM
Improper Input Validation (CWE-20)
2013-01-02 cve@mitre.org
5.0
CVSS 2.0 · NVD
Share

Severity by source

NVD PRIMARY
5.0 MEDIUM
AV:N/AC:L/Au:N/C:N/I:P/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

AV:N/AC:L/Au:N/C:N/I:P/A:N
Attack Vector
Network
Attack Complexity
Low
Confidentiality
None
Integrity
P
Availability
None

Lifecycle Timeline

1
CVE Published
Jan 02, 2013 - 11:46 cve.org
MEDIUM 5.0

DescriptionCVE.org

The X.509 certificate-validation functionality in the https implementation in Opera before 12.10 allows remote attackers to trigger a false indication of successful revocation-status checking by causing a failure of a single checking service.

AnalysisAI

The X.509 certificate-validation functionality in the https implementation in Opera before 12.10 allows remote attackers to trigger a false indication of successful revocation-status checking by. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Technical ContextAI

This vulnerability is classified under CWE-20. The X.509 certificate-validation functionality in the https implementation in Opera before 12.10 allows remote attackers to trigger a false indication of successful revocation-status checking by causing a failure of a single checking service. Affected products include: Opera Opera Browser. Version information: before 12.10.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

CVE-2012-6470 CRITICAL POC
9.3 Jan 02

Opera before 12.12 does not properly allocate memory for GIF images, which allows remote attackers to execute arbitrary

CVE-2013-1638 CRITICAL POC
9.3 Feb 08

Opera before 12.13 allows remote attackers to execute arbitrary code via crafted clipPaths in an SVG document. Rated cri

CVE-2012-3561 CRITICAL
10.0 Jun 14

Opera before 11.64 does not properly allocate memory for URL strings, which allows remote attackers to execute arbitrary

CVE-2012-6468 CRITICAL
9.3 Jan 02

Heap-based buffer overflow in Opera before 12.11 allows remote attackers to execute arbitrary code or cause a denial of

CVE-2013-1637 CRITICAL
9.3 Feb 08

Opera before 12.13 allows remote attackers to execute arbitrary code via vectors involving DOM events. Rated critical se

CVE-2016-4075 MEDIUM POC
6.1 Apr 21

Opera Mini 13 and Opera Stable 36 allow remote attackers to spoof the displayed URL via a crafted HTML document, related

CVE-2013-3211 CRITICAL
10.0 Apr 19

Unspecified vulnerability in Opera before 12.15 has unknown impact and attack vectors, related to a "moderately severe i

CVE-2012-4145 CRITICAL
10.0 Aug 06

Unspecified vulnerability in Opera before 12.01 on Windows and UNIX, and before 11.66 and 12.x before 12.01 on Mac OS X,

CVE-2012-3559 CRITICAL
10.0 Jun 14

Unspecified vulnerability in Opera before 12.00 on Mac OS X has unknown impact and attack vectors, related to a "moderat

CVE-2012-6465 CRITICAL
9.3 Jan 02

Opera before 12.10 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) vi

CVE-2012-3556 CRITICAL
9.3 Jun 14

Opera before 11.65 does not properly restrict the opening of a pop-up window in response to the first click of a double-

CVE-2012-1003 MEDIUM POC
5.0 Feb 07

Multiple integer overflows in Opera 11.60 and earlier allow remote attackers to cause a denial of service (application c

Share

CVE-2012-6461 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy