CVSS: 6.4EPSS: 1%CPEs: 124EXPL: 0CVE-2012-1929
https://notcve.org/view.php?id=CVE-2012-1929
Opera before 11.62 on Mac OS X allows remote attackers to spoof the address field and security dialogs via crafted styling that causes page content to be displayed outside of the intended content area. Opera antes de v11.62 en Mac OS X permite a atacantes remotos falsificar el campo de dirección y los cuadros de diálogo de seguridad a través de un estilo hecho a mano que hace que el contenido de la página se muestre fuera del área de contenido deseado. • http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00012.html http://secunia.com/advisories/48535 http://www.opera.com/docs/changelogs/mac/1162 http://www.opera.com/docs/changelogs/windows/1162 http://www.opera.com/support/kb/view/1009 http://www.opera.com/support/kb/view/1013 https://exchange.xforce.ibmcloud.com/vulnerabilities/74352 • CWE-20: Improper Input Validation •
CVSS: 4.6EPSS: 0%CPEs: 124EXPL: 0CVE-2012-1930
https://notcve.org/view.php?id=CVE-2012-1930
Opera before 11.62 on UNIX uses world-readable permissions for temporary files during printing, which allows local users to obtain sensitive information by reading these files. Opera antes de v11.62 en UNIX asigna permisos de lectura para todo el mundo a los archivos temporales durante la impresión, lo que permite a usuarios locales obtener información sensible mediante la lectura de estos archivos. • http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00012.html http://secunia.com/advisories/48535 http://www.opera.com/docs/changelogs/unix/1162 http://www.opera.com/support/kb/view/1015 https://exchange.xforce.ibmcloud.com/vulnerabilities/74501 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 5.0EPSS: 0%CPEs: 126EXPL: 0CVE-2012-1926
https://notcve.org/view.php?id=CVE-2012-1926
Opera before 11.62 allows remote attackers to bypass the Same Origin Policy via the (1) history.pushState and (2) history.replaceState functions in conjunction with cross-domain frames, leading to unintended read access to history.state information. Opera antes de v11.62 permite a atacantes remotos evitar la política de mismo origen a través de las funciones (1) history.pushState y (2) history.replaceState junto con marcos de dominios cruzados, dando lugar a un acceso de lectura no intencionado a la información de history.state. • http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00012.html http://osvdb.org/80622 http://secunia.com/advisories/48535 http://www.opera.com/docs/changelogs/mac/1162 http://www.opera.com/docs/changelogs/unix/1162 http://www.opera.com/docs/changelogs/windows/1162 http://www.opera.com/support/kb/view/1012 https://exchange.xforce.ibmcloud.com/vulnerabilities/74351 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.4EPSS: 1%CPEs: 126EXPL: 0CVE-2012-1928
https://notcve.org/view.php?id=CVE-2012-1928
Opera before 11.62 allows remote attackers to spoof the address field by triggering a page reload followed by a redirect to a different domain. Opera antes de v11.62 permite a atacantes remotos falsificar el campo de la dirección mediante la recarga de la página seguido de una redirección a un dominio diferente. • http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00012.html http://osvdb.org/80624 http://secunia.com/advisories/48535 http://www.opera.com/docs/changelogs/mac/1162 http://www.opera.com/docs/changelogs/unix/1162 http://www.opera.com/docs/changelogs/windows/1162 http://www.opera.com/support/kb/view/1014 https://exchange.xforce.ibmcloud.com/vulnerabilities/74353 • CWE-20: Improper Input Validation •
CVSS: 5.0EPSS: 0%CPEs: 125EXPL: 1CVE-2012-1003
https://notcve.org/view.php?id=CVE-2012-1003
Multiple integer overflows in Opera 11.60 and earlier allow remote attackers to cause a denial of service (application crash) via a large integer argument to the (1) Int32Array, (2) Float32Array, (3) Float64Array, (4) Uint32Array, (5) Int16Array, or (6) ArrayBuffer function. NOTE: the vendor reportedly characterizes this as "a stability issue, not a security issue." Múltiples desbordamientos de enteros en Opera v11.60 y anteriores permiten a atacantes remotos causar una denegación de servicio (caída de la aplicación) a través de un argumento entero demasiado grande a las funciones (1) Int32Array, (2) Float32Array, (3) Float64Array, (4) Uint32Array, (5 ) Int16Array, o (6) ArrayBuffer. NOTA: El proveedor indica que "se trata de un problema de estabilidad, no un problema de seguridad". • http://blog.vulnhunt.com/index.php/2012/02/02/cal-2012-0004-opera-array-integer-overflow https://exchange.xforce.ibmcloud.com/vulnerabilities/73027 • CWE-189: Numeric Errors •