Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Opera_browser
(Opera)Repositories |
Unknown: This might be proprietary software. |
#Vulnerabilities | 282 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2013-02-08 | CVE-2013-1638 | Opera before 12.13 allows remote attackers to execute arbitrary code via crafted clipPaths in an SVG document. | Opera_browser | N/A | ||
2013-02-08 | CVE-2013-1637 | Opera before 12.13 allows remote attackers to execute arbitrary code via vectors involving DOM events. | Opera_browser | N/A | ||
2013-02-08 | CVE-2013-1618 | The TLS implementation in Opera before 12.13 does not properly consider timing side-channel attacks on a MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, a related issue to CVE-2013-0169. | Opera_browser | N/A | ||
2013-01-02 | CVE-2012-6472 | Opera before 12.12 on UNIX uses weak permissions for the profile directory, which allows local users to obtain sensitive information by reading a (1) cache file, (2) password file, or (3) configuration file, or (4) possibly gain privileges by modifying or overwriting a configuration file. | Opera_browser | N/A | ||
2013-01-02 | CVE-2012-6471 | Opera before 12.12 allows remote attackers to spoof the address field via a high rate of HTTP requests. | Opera_browser | N/A | ||
2013-01-02 | CVE-2012-6470 | Opera before 12.12 does not properly allocate memory for GIF images, which allows remote attackers to execute arbitrary code or cause a denial of service (memory overwrite) via a malformed image. | Opera_browser | N/A | ||
2013-01-02 | CVE-2012-6469 | Opera before 12.11 allows remote attackers to determine the existence of arbitrary local files via vectors involving web script in an error page. | Opera_browser | N/A | ||
2013-01-02 | CVE-2012-6468 | Heap-based buffer overflow in Opera before 12.11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a long HTTP response. | Opera_browser | N/A | ||
2013-01-02 | CVE-2012-6467 | Opera before 12.10 follows Internet shortcuts that are referenced by a (1) IMG element or (2) other inline element, which makes it easier for remote attackers to conduct phishing attacks via a crafted web site, as exploited in the wild in November 2012. | Opera_browser | N/A | ||
2013-01-02 | CVE-2012-6466 | Opera before 12.10 does not properly handle incorrect size data in a WebP image, which allows remote attackers to obtain potentially sensitive information from process memory by using a crafted image as the fill pattern for a canvas. | Opera_browser | N/A |