Skip to main content

Opera Browser CVE-2012-6468

CRITICAL
Buffer Overflow (CWE-119)
2013-01-02 cve@mitre.org
9.3
CVSS 2.0 · NVD
Share

Severity by source

NVD PRIMARY
9.3 CRITICAL
AV:N/AC:M/Au:N/C:C/I:C/A:C

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

AV:N/AC:M/Au:N/C:C/I:C/A:C
Attack Vector
Network
Attack Complexity
M
Confidentiality
C
Integrity
C
Availability
C

Lifecycle Timeline

1
CVE Published
Jan 02, 2013 - 11:46 cve.org
CRITICAL 9.3

DescriptionCVE.org

Heap-based buffer overflow in Opera before 12.11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a long HTTP response.

AnalysisAI

Heap-based buffer overflow in Opera before 12.11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a long HTTP response. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Technical ContextAI

This vulnerability is classified as Buffer Overflow (CWE-119), which allows attackers to corrupt memory to execute arbitrary code or crash the application. Heap-based buffer overflow in Opera before 12.11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a long HTTP response. Affected products include: Opera Opera Browser. Version information: before 12.11.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Use memory-safe languages or bounds-checking. Enable ASLR, DEP/NX, stack canaries. Use safe string functions.

CVE-2012-6470 CRITICAL POC
9.3 Jan 02

Opera before 12.12 does not properly allocate memory for GIF images, which allows remote attackers to execute arbitrary

CVE-2013-1638 CRITICAL POC
9.3 Feb 08

Opera before 12.13 allows remote attackers to execute arbitrary code via crafted clipPaths in an SVG document. Rated cri

CVE-2012-3561 CRITICAL
10.0 Jun 14

Opera before 11.64 does not properly allocate memory for URL strings, which allows remote attackers to execute arbitrary

CVE-2013-1637 CRITICAL
9.3 Feb 08

Opera before 12.13 allows remote attackers to execute arbitrary code via vectors involving DOM events. Rated critical se

CVE-2016-4075 MEDIUM POC
6.1 Apr 21

Opera Mini 13 and Opera Stable 36 allow remote attackers to spoof the displayed URL via a crafted HTML document, related

CVE-2013-3211 CRITICAL
10.0 Apr 19

Unspecified vulnerability in Opera before 12.15 has unknown impact and attack vectors, related to a "moderately severe i

CVE-2012-4145 CRITICAL
10.0 Aug 06

Unspecified vulnerability in Opera before 12.01 on Windows and UNIX, and before 11.66 and 12.x before 12.01 on Mac OS X,

CVE-2012-3559 CRITICAL
10.0 Jun 14

Unspecified vulnerability in Opera before 12.00 on Mac OS X has unknown impact and attack vectors, related to a "moderat

CVE-2012-6465 CRITICAL
9.3 Jan 02

Opera before 12.10 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) vi

CVE-2012-3556 CRITICAL
9.3 Jun 14

Opera before 11.65 does not properly restrict the opening of a pop-up window in response to the first click of a double-

CVE-2012-1003 MEDIUM POC
5.0 Feb 07

Multiple integer overflows in Opera 11.60 and earlier allow remote attackers to cause a denial of service (application c

CVE-2012-3555 HIGH
7.6 Jun 14

Opera before 11.65 does not ensure that keyboard sequences are associated with a visible window, which makes it easier f

Share

CVE-2012-6468 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy