CVSS: 9.8EPSS: 4%CPEs: 167EXPL: 0CVE-2012-6465 – Gentoo Linux Security Advisory 201406-14
https://notcve.org/view.php?id=CVE-2012-6465
02 Jan 2013 — Opera before 12.10 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a malformed SVG image. Opera antes de v12.10 permite a atacantes remotos ejecutar código de su elección o causar una denegación de servicio (por caída de la aplicación) a través de una imagen SVG mal formada. Multiple vulnerabilities have been found in Opera, the worst of which may allow remote execution of arbitrary code. Versions less than 12.13_p1734 are affected. • http://www.opera.com/docs/changelogs/unified/1210 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.5EPSS: 0%CPEs: 167EXPL: 0CVE-2012-6466 – Gentoo Linux Security Advisory 201406-14
https://notcve.org/view.php?id=CVE-2012-6466
02 Jan 2013 — Opera before 12.10 does not properly handle incorrect size data in a WebP image, which allows remote attackers to obtain potentially sensitive information from process memory by using a crafted image as the fill pattern for a canvas. Opera antes de v12.10 no trata correctamente los datos de tamaño incorrecto en una imagen WebP, lo que permite a atacantes remotos obtener información sensible de la memoria del proceso mediante el uso de una imagen hecha a mano como patrón de relleno para un lienzo. Multiple v... • http://www.opera.com/docs/changelogs/unified/1210 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 4.7EPSS: 0%CPEs: 167EXPL: 0CVE-2012-6467 – Gentoo Linux Security Advisory 201406-14
https://notcve.org/view.php?id=CVE-2012-6467
02 Jan 2013 — Opera before 12.10 follows Internet shortcuts that are referenced by a (1) IMG element or (2) other inline element, which makes it easier for remote attackers to conduct phishing attacks via a crafted web site, as exploited in the wild in November 2012. Opera antes de v12.10 sigue accesos directos de Internet que son referenciados por elementos (1) IMG o (2) otro elemento en línea ('inline'), lo que hace que sea más fácil para los atacantes remotos a la hora de realizar ataques de phishing a través de un si... • http://www.opera.com/docs/changelogs/unified/1210 •
CVSS: 9.8EPSS: 8%CPEs: 168EXPL: 0CVE-2012-6468 – Gentoo Linux Security Advisory 201406-14
https://notcve.org/view.php?id=CVE-2012-6468
02 Jan 2013 — Heap-based buffer overflow in Opera before 12.11 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a long HTTP response. Un desbordamiento de búfer basado en memoria dinámica ('heap') en Opera antes de v12.11 permite a atacantes remotos ejecutar código de su elección o causar una denegación de servicio (por corrupción de la memoria) a través de una respuesta HTTP demasiado larga. Multiple vulnerabilities have been found in Opera, the worst of which may al... • http://www.opera.com/docs/changelogs/unified/1211 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.3EPSS: 0%CPEs: 168EXPL: 0CVE-2012-6469 – Gentoo Linux Security Advisory 201406-14
https://notcve.org/view.php?id=CVE-2012-6469
02 Jan 2013 — Opera before 12.11 allows remote attackers to determine the existence of arbitrary local files via vectors involving web script in an error page. Opera antes de v12.11 permite a atacantes remotos determinat la existencia de archivos locales de su elección a través de vectores que implican secuencias de comandos web en una página de error. Multiple vulnerabilities have been found in Opera, the worst of which may allow remote execution of arbitrary code. Versions less than 12.13_p1734 are affected. • http://www.opera.com/docs/changelogs/unified/1211 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.8EPSS: 36%CPEs: 169EXPL: 1CVE-2012-6470 – Opera Web Browser 12.11 - Crash (PoC)
https://notcve.org/view.php?id=CVE-2012-6470
02 Jan 2013 — Opera before 12.12 does not properly allocate memory for GIF images, which allows remote attackers to execute arbitrary code or cause a denial of service (memory overwrite) via a malformed image. Opera antes de v12.12 no asigna correctamente la memoria para imágenes GIF, lo que permite a atacantes remotos ejecutar código de su elección o causar una denegación de servicio (sobrescritura de memoria) a través de una imagen con formato incorrecto. Multiple vulnerabilities have been found in Opera, the worst of ... • https://www.exploit-db.com/exploits/23107 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 169EXPL: 0CVE-2012-6471 – Gentoo Linux Security Advisory 201406-14
https://notcve.org/view.php?id=CVE-2012-6471
02 Jan 2013 — Opera before 12.12 allows remote attackers to spoof the address field via a high rate of HTTP requests. Opera antes de v12.12 permite a atacantes remotos falsificar el campo de la dirección a través de una alta tasa de peticiones HTTP. Multiple vulnerabilities have been found in Opera, the worst of which may allow remote execution of arbitrary code. Versions less than 12.13_p1734 are affected. • http://www.opera.com/docs/changelogs/unified/1212 •
CVSS: 7.1EPSS: 0%CPEs: 170EXPL: 0CVE-2012-6472 – Gentoo Linux Security Advisory 201406-14
https://notcve.org/view.php?id=CVE-2012-6472
02 Jan 2013 — Opera before 12.12 on UNIX uses weak permissions for the profile directory, which allows local users to obtain sensitive information by reading a (1) cache file, (2) password file, or (3) configuration file, or (4) possibly gain privileges by modifying or overwriting a configuration file. Opera antes de v12.12 en UNIX utiliza permisos débiles para el directorio de perfiles, lo que permite a usuarios locales obtener información sensible mediante (1) la lectura de un archivo de caché, (2) el archivo de contra... • http://www.opera.com/docs/changelogs/unified/1212 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.3EPSS: 0%CPEs: 1EXPL: 2CVE-2010-5227 – Opera 10.61 - 'dwmapi.dll' DLL Hijacking
https://notcve.org/view.php?id=CVE-2010-5227
07 Sep 2012 — Untrusted search path vulnerability in Opera before 10.62 allows local users to gain privileges via a Trojan horse dwmapi.dll file in the current working directory, as demonstrated by a directory that contains a .htm, .mht, .mhtml, .xht, .xhtm, or .xhtl file. NOTE: some of these details are obtained from third party information. Vulnerabilidad de ruta de búsqueda no confiable en Opera anterior a v10.62 permite a usuarios locales obtener privilegios a través de un archivo dwmapi.dll caballo de troya en el di... • https://www.exploit-db.com/exploits/14732 •
CVSS: 7.5EPSS: 0%CPEs: 124EXPL: 0CVE-2012-4010
https://notcve.org/view.php?id=CVE-2012-4010
30 Aug 2012 — Opera before 11.60 allows remote attackers to spoof the address bar via unspecified homograph characters, a different vulnerability than CVE-2010-2660. Opera anterior a v11.60 permite a atacantes remotos suplantar la barra de direcciones a través de caracteres homógrafos no especificados, una vulnerabilidad diferente a CVE-2010-2660. • http://jvn.jp/en/jp/JVN69880570/index.html •