ID OPENVAS:803144 Type openvas Reporter Copyright (c) 2013 Greenbone Networks GmbH Modified 2017-05-10T00:00:00
Description
The host is installed with Opera and is prone to multiple
vulnerabilities.
###############################################################################
# OpenVAS Vulnerability Test
# $Id: gb_opera_mult_vuln03_jan13_win.nasl 6093 2017-05-10 09:03:18Z teissa $
#
# Opera Multiple Vulnerabilities-03 Jan13 (Windows)
#
# Authors:
# Antu Sanadi <santu@secpod.com>
#
# Copyright:
# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################
tag_impact = "Successful exploitation will let the attacker crash the browser leading to
denial of service, execute the arbitrary code or disclose the information.
Impact Level: System/Application";
tag_affected = "Opera version before 12.10 on Windows";
tag_insight = "- Internet shortcuts used for phishing in '<img>' elements.
- Specially crafted WebP images can be used to disclose random chunks
of memory.
- Specially crafted SVG images can allow execution of arbitrary code.
- Cross domain access to object constructors can be used to facilitate
cross-site scripting.
- Data URIs can be used to facilitate Cross-Site Scripting.
- CORS requests can incorrectly retrieve contents of cross origin pages.
- Certificate revocation service failure may cause Opera to show an
unverified site as secur.";
tag_solution = "Upgrade to Opera version 12.10 or later,
For updates refer to http://www.opera.com/";
tag_summary = "The host is installed with Opera and is prone to multiple
vulnerabilities.";
if(description)
{
script_id(803144);
script_version("$Revision: 6093 $");
script_cve_id("CVE-2012-6461", "CVE-2012-6462", "CVE-2012-6463", "CVE-2012-6464",
"CVE-2012-6465", "CVE-2012-6466", "CVE-2012-6467");
script_bugtraq_id(57121, 56407, 57120, 57132);
script_tag(name:"cvss_base", value:"9.3");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:C/I:C/A:C");
script_tag(name:"last_modification", value:"$Date: 2017-05-10 11:03:18 +0200 (Wed, 10 May 2017) $");
script_tag(name:"creation_date", value:"2013-01-07 15:57:32 +0530 (Mon, 07 Jan 2013)");
script_name("Opera Multiple Vulnerabilities-03 Jan13 (Windows)");
script_xref(name : "URL" , value : "http://www.opera.com/support/kb/view/1034/");
script_xref(name : "URL" , value : "http://www.opera.com/support/kb/view/1035/");
script_xref(name : "URL" , value : "http://www.opera.com/support/kb/view/1033/");
script_xref(name : "URL" , value : "http://www.opera.com/support/kb/view/1032/");
script_xref(name : "URL" , value : "http://www.opera.com/support/kb/view/1031/");
script_xref(name : "URL" , value : "http://www.opera.com/support/kb/view/1030/");
script_xref(name : "URL" , value : "http://www.opera.com/support/kb/view/1029/");
script_xref(name : "URL" , value : "http://www.opera.com/docs/changelogs/unified/1210/");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (c) 2013 Greenbone Networks GmbH");
script_family("General");
script_dependencies("secpod_opera_detection_win_900036.nasl");
script_require_keys("Opera/Win/Version");
script_tag(name : "impact" , value : tag_impact);
script_tag(name : "affected" , value : tag_affected);
script_tag(name : "insight" , value : tag_insight);
script_tag(name : "solution" , value : tag_solution);
script_tag(name : "summary" , value : tag_summary);
script_tag(name:"qod_type", value:"registry");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
include("version_func.inc");
operaVer = "";
## Get Opera version from KB
operaVer = get_kb_item("Opera/Win/Version");
if(!operaVer){
exit(0);
}
## Check for opera versions prior to 12.10
if(version_is_less(version:operaVer, test_version:"12.10")){
security_message(0);
}
{"href": "http://plugins.openvas.org/nasl.php?oid=803144", "history": [], "naslFamily": "General", "id": "OPENVAS:803144", "reporter": "Copyright (c) 2013 Greenbone Networks GmbH", "published": "2013-01-07T00:00:00", "description": "The host is installed with Opera and is prone to multiple\n vulnerabilities.", "title": "Opera Multiple Vulnerabilities-03 Jan13 (Windows)", "bulletinFamily": "scanner", "type": "openvas", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_opera_mult_vuln03_jan13_win.nasl 6093 2017-05-10 09:03:18Z teissa $\n#\n# Opera Multiple Vulnerabilities-03 Jan13 (Windows)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation will let the attacker crash the browser leading to\n denial of service, execute the arbitrary code or disclose the information.\n Impact Level: System/Application\";\n\ntag_affected = \"Opera version before 12.10 on Windows\";\ntag_insight = \"- Internet shortcuts used for phishing in '<img>' elements.\n - Specially crafted WebP images can be used to disclose random chunks\n of memory.\n - Specially crafted SVG images can allow execution of arbitrary code.\n - Cross domain access to object constructors can be used to facilitate\n cross-site scripting.\n - Data URIs can be used to facilitate Cross-Site Scripting.\n - CORS requests can incorrectly retrieve contents of cross origin pages.\n - Certificate revocation service failure may cause Opera to show an\n unverified site as secur.\";\ntag_solution = \"Upgrade to Opera version 12.10 or later,\n For updates refer to http://www.opera.com/\";\ntag_summary = \"The host is installed with Opera and is prone to multiple\n vulnerabilities.\";\n\nif(description)\n{\n script_id(803144);\n script_version(\"$Revision: 6093 $\");\n script_cve_id(\"CVE-2012-6461\", \"CVE-2012-6462\", \"CVE-2012-6463\", \"CVE-2012-6464\",\n \"CVE-2012-6465\", \"CVE-2012-6466\", \"CVE-2012-6467\");\n script_bugtraq_id(57121, 56407, 57120, 57132);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-05-10 11:03:18 +0200 (Wed, 10 May 2017) $\");\n script_tag(name:\"creation_date\", value:\"2013-01-07 15:57:32 +0530 (Mon, 07 Jan 2013)\");\n script_name(\"Opera Multiple Vulnerabilities-03 Jan13 (Windows)\");\n script_xref(name : \"URL\" , value : \"http://www.opera.com/support/kb/view/1034/\");\n script_xref(name : \"URL\" , value : \"http://www.opera.com/support/kb/view/1035/\");\n script_xref(name : \"URL\" , value : \"http://www.opera.com/support/kb/view/1033/\");\n script_xref(name : \"URL\" , value : \"http://www.opera.com/support/kb/view/1032/\");\n script_xref(name : \"URL\" , value : \"http://www.opera.com/support/kb/view/1031/\");\n script_xref(name : \"URL\" , value : \"http://www.opera.com/support/kb/view/1030/\");\n script_xref(name : \"URL\" , value : \"http://www.opera.com/support/kb/view/1029/\");\n script_xref(name : \"URL\" , value : \"http://www.opera.com/docs/changelogs/unified/1210/\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"secpod_opera_detection_win_900036.nasl\");\n script_require_keys(\"Opera/Win/Version\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\n\noperaVer = \"\";\n\n## Get Opera version from KB\noperaVer = get_kb_item(\"Opera/Win/Version\");\nif(!operaVer){\n exit(0);\n}\n\n## Check for opera versions prior to 12.10\nif(version_is_less(version:operaVer, test_version:\"12.10\")){\n security_message(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "pluginID": "803144", "hash": "b896f4a433e09d80667cc0a3742f84ca7839b02194fce0a63f1e10faa8a3fad6", "references": ["http://www.opera.com/docs/changelogs/unified/1210/", "http://www.opera.com/support/kb/view/1032/", "http://www.opera.com/support/kb/view/1030/", "http://www.opera.com/support/kb/view/1035/", "http://www.opera.com/support/kb/view/1029/", "http://www.opera.com/support/kb/view/1033/", "http://www.opera.com/support/kb/view/1031/", "http://www.opera.com/support/kb/view/1034/"], "edition": 1, "cvelist": ["CVE-2012-6463", "CVE-2012-6466", "CVE-2012-6462", "CVE-2012-6467", "CVE-2012-6461", "CVE-2012-6464", "CVE-2012-6465"], "lastseen": "2017-07-02T21:11:15", "viewCount": 0, "enchantments": {"score": {"value": 6.8, "vector": "NONE"}, "vulnersScore": 6.8}, "hashmap": [{"key": "bulletinFamily", "hash": "bbdaea376f500d25f6b0c1050311dd07"}, {"key": "cvelist", "hash": "628f3a52f50186a3845155af46232b72"}, {"key": "cvss", "hash": "2076413bdcb42307d016f5286cbae795"}, {"key": "description", "hash": "bb2747f4c94a990a47535ef3d7c8ab74"}, {"key": "href", "hash": "70c47c7e0d8156b460fcd2e3cc002997"}, {"key": "modified", "hash": "251f7e82e99b45e17b6cf8e939e6b119"}, {"key": "naslFamily", "hash": "0db377921f4ce762c62526131097968f"}, {"key": "pluginID", "hash": "dd2b5885cd67fe6ee8895b57a8600a5d"}, {"key": "published", "hash": "101b7284092e44eb79b50c654f2b8df1"}, {"key": "references", "hash": "f553fca4254ce599bcd3bc5726d41b3b"}, {"key": "reporter", "hash": "1a99a5f9a50e5bac3b749d8558d5e46b"}, {"key": "sourceData", "hash": "501a0fb681950bc577a6c9eb987e9893"}, {"key": "title", "hash": "4796d7114379c4aca3b8136699353962"}, {"key": "type", "hash": "47c1f692ea47a21f716dad07043ade01"}], "objectVersion": "1.3", "modified": "2017-05-10T00:00:00"}
{"openvas": [{"lastseen": "2018-09-17T13:39:15", "references": ["http://www.opera.com/docs/changelogs/unified/1210/", "http://www.opera.com/support/kb/view/1032/", "http://www.opera.com/support/kb/view/1030/", "http://www.opera.com/support/kb/view/1035/", "http://www.opera.com/support/kb/view/1029/", "http://www.opera.com/support/kb/view/1033/", "http://www.opera.com/support/kb/view/1031/", "http://www.opera.com/support/kb/view/1034/"], "pluginID": "1361412562310803145", "description": "The host is installed with Opera and is prone to multiple\n vulnerabilities.", "edition": 6, "reporter": "Copyright (c) 2013 Greenbone Networks GmbH", "published": "2013-01-07T00:00:00", "title": "Opera Multiple Vulnerabilities-03 Jan13 (Linux)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 6.8}}, "naslFamily": "General", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-6463", "CVE-2012-6466", "CVE-2012-6462", "CVE-2012-6467", "CVE-2012-6461", "CVE-2012-6464", "CVE-2012-6465"], "modified": "2018-09-15T00:00:00", "id": "OPENVAS:1361412562310803145", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310803145", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_opera_mult_vuln03_jan13_lin.nasl 11401 2018-09-15 08:45:50Z cfischer $\n#\n# Opera Multiple Vulnerabilities-03 Jan13 (Linux)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.803145\");\n script_version(\"$Revision: 11401 $\");\n script_cve_id(\"CVE-2012-6461\", \"CVE-2012-6462\", \"CVE-2012-6463\", \"CVE-2012-6464\",\n \"CVE-2012-6465\", \"CVE-2012-6466\", \"CVE-2012-6467\");\n script_bugtraq_id(57121, 56407, 57120, 57132);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-15 10:45:50 +0200 (Sat, 15 Sep 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-01-07 16:09:01 +0530 (Mon, 07 Jan 2013)\");\n script_name(\"Opera Multiple Vulnerabilities-03 Jan13 (Linux)\");\n script_xref(name:\"URL\", value:\"http://www.opera.com/support/kb/view/1034/\");\n script_xref(name:\"URL\", value:\"http://www.opera.com/support/kb/view/1035/\");\n script_xref(name:\"URL\", value:\"http://www.opera.com/support/kb/view/1033/\");\n script_xref(name:\"URL\", value:\"http://www.opera.com/support/kb/view/1032/\");\n script_xref(name:\"URL\", value:\"http://www.opera.com/support/kb/view/1031/\");\n script_xref(name:\"URL\", value:\"http://www.opera.com/support/kb/view/1030/\");\n script_xref(name:\"URL\", value:\"http://www.opera.com/support/kb/view/1029/\");\n script_xref(name:\"URL\", value:\"http://www.opera.com/docs/changelogs/unified/1210/\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"secpod_opera_detection_linux_900037.nasl\");\n script_mandatory_keys(\"Opera/Linux/Version\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will let the attacker crash the browser leading to\n denial of service, execute the arbitrary code or disclose the information.\");\n\n script_tag(name:\"affected\", value:\"Opera version before 12.10 on Linux\");\n\n script_tag(name:\"insight\", value:\"- Internet shortcuts used for phishing in '<img>' elements.\n\n - Specially crafted WebP images can be used to disclose random chunks\n of memory.\n\n - Specially crafted SVG images can allow execution of arbitrary code.\n\n - Cross domain access to object constructors can be used to facilitate\n cross-site scripting.\n\n - Data URIs can be used to facilitate Cross-Site Scripting.\n\n - CORS requests can incorrectly retrieve contents of cross origin pages.\n\n - Certificate revocation service failure may cause Opera to show an\n unverified site as secur.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Opera version 12.10 or later,\n For updates refer to http://www.opera.com/\");\n\n script_tag(name:\"summary\", value:\"The host is installed with Opera and is prone to multiple\n vulnerabilities.\");\n\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\n\noperaVer = get_kb_item(\"Opera/Linux/Version\");\nif(!operaVer){\n exit(0);\n}\n\nif(version_is_less(version:operaVer, test_version:\"12.10\")){\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-17T13:38:42", "references": ["http://www.opera.com/docs/changelogs/unified/1210/", "http://www.opera.com/support/kb/view/1032/", "http://www.opera.com/support/kb/view/1030/", "http://www.opera.com/support/kb/view/1035/", "http://www.opera.com/support/kb/view/1029/", "http://www.opera.com/support/kb/view/1033/", "http://www.opera.com/support/kb/view/1031/", "http://www.opera.com/support/kb/view/1034/"], "pluginID": "1361412562310803146", "description": "The host is installed with Opera and is prone to multiple\n vulnerabilities.", "edition": 5, "reporter": "Copyright (c) 2013 Greenbone Networks GmbH", "published": "2013-01-07T00:00:00", "title": "Opera Multiple Vulnerabilities-03 Jan13 (Mac OS X)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 6.8}}, "naslFamily": "General", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-6463", "CVE-2012-6466", "CVE-2012-6462", "CVE-2012-6467", "CVE-2012-6461", "CVE-2012-6464", "CVE-2012-6465"], "modified": "2018-09-15T00:00:00", "id": "OPENVAS:1361412562310803146", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310803146", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_opera_mult_vuln03_jan13_macosx.nasl 11401 2018-09-15 08:45:50Z cfischer $\n#\n# Opera Multiple Vulnerabilities-03 Jan13 (Mac OS X)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.803146\");\n script_version(\"$Revision: 11401 $\");\n script_cve_id(\"CVE-2012-6461\", \"CVE-2012-6462\", \"CVE-2012-6463\", \"CVE-2012-6464\",\n \"CVE-2012-6465\", \"CVE-2012-6466\", \"CVE-2012-6467\");\n script_bugtraq_id(57121, 56407, 57120, 57132);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-15 10:45:50 +0200 (Sat, 15 Sep 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-01-07 16:09:01 +0530 (Mon, 07 Jan 2013)\");\n script_name(\"Opera Multiple Vulnerabilities-03 Jan13 (Mac OS X)\");\n script_xref(name:\"URL\", value:\"http://www.opera.com/support/kb/view/1034/\");\n script_xref(name:\"URL\", value:\"http://www.opera.com/support/kb/view/1035/\");\n script_xref(name:\"URL\", value:\"http://www.opera.com/support/kb/view/1033/\");\n script_xref(name:\"URL\", value:\"http://www.opera.com/support/kb/view/1032/\");\n script_xref(name:\"URL\", value:\"http://www.opera.com/support/kb/view/1031/\");\n script_xref(name:\"URL\", value:\"http://www.opera.com/support/kb/view/1030/\");\n script_xref(name:\"URL\", value:\"http://www.opera.com/support/kb/view/1029/\");\n script_xref(name:\"URL\", value:\"http://www.opera.com/docs/changelogs/unified/1210/\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_opera_detect_macosx.nasl\");\n script_mandatory_keys(\"Opera/MacOSX/Version\");\n\n script_tag(name:\"impact\", value:\"Successful exploitation will let the attacker crash the browser leading to\n denial of service, execute the arbitrary code or disclose the information.\");\n\n script_tag(name:\"affected\", value:\"Opera version before 12.10 on Mac OS X\");\n\n script_tag(name:\"insight\", value:\"- Internet shortcuts used for phishing in '<img>' elements.\n\n - Specially crafted WebP images can be used to disclose random chunks\n of memory.\n\n - Specially crafted SVG images can allow execution of arbitrary code.\n\n - Cross domain access to object constructors can be used to facilitate\n cross-site scripting.\n\n - Data URIs can be used to facilitate Cross-Site Scripting.\n\n - CORS requests can incorrectly retrieve contents of cross origin pages.\n\n - Certificate revocation service failure may cause Opera to show an\n unverified site as secur.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to Opera version 12.10 or later,\n For updates refer to http://www.opera.com/\");\n\n script_tag(name:\"summary\", value:\"The host is installed with Opera and is prone to multiple\n vulnerabilities.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\n\noperaVer = get_kb_item(\"Opera/MacOSX/Version\");\nif(!operaVer){\n exit(0);\n}\n\nif(version_is_less(version:operaVer, test_version:\"12.10\")){\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-02T21:11:17", "references": ["http://www.opera.com/docs/changelogs/unified/1210/", "http://www.opera.com/support/kb/view/1032/", "http://www.opera.com/support/kb/view/1030/", "http://www.opera.com/support/kb/view/1035/", "http://www.opera.com/support/kb/view/1029/", "http://www.opera.com/support/kb/view/1033/", "http://www.opera.com/support/kb/view/1031/", "http://www.opera.com/support/kb/view/1034/"], "pluginID": "803146", "description": "The host is installed with Opera and is prone to multiple\n vulnerabilities.", "edition": 1, "reporter": "Copyright (c) 2013 Greenbone Networks GmbH", "published": "2013-01-07T00:00:00", "title": "Opera Multiple Vulnerabilities-03 Jan13 (Mac OS X)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 6.8}}, "naslFamily": "General", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-6463", "CVE-2012-6466", "CVE-2012-6462", "CVE-2012-6467", "CVE-2012-6461", "CVE-2012-6464", "CVE-2012-6465"], "modified": "2017-05-10T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=803146", "id": "OPENVAS:803146", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_opera_mult_vuln03_jan13_macosx.nasl 6093 2017-05-10 09:03:18Z teissa $\n#\n# Opera Multiple Vulnerabilities-03 Jan13 (Mac OS X)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation will let the attacker crash the browser leading to\n denial of service, execute the arbitrary code or disclose the information.\n Impact Level: System/Application\";\n\ntag_affected = \"Opera version before 12.10 on Mac OS X\";\ntag_insight = \"- Internet shortcuts used for phishing in '<img>' elements.\n - Specially crafted WebP images can be used to disclose random chunks\n of memory.\n - Specially crafted SVG images can allow execution of arbitrary code.\n - Cross domain access to object constructors can be used to facilitate\n cross-site scripting.\n - Data URIs can be used to facilitate Cross-Site Scripting.\n - CORS requests can incorrectly retrieve contents of cross origin pages.\n - Certificate revocation service failure may cause Opera to show an\n unverified site as secur.\";\ntag_solution = \"Upgrade to Opera version 12.10 or later,\n For updates refer to http://www.opera.com/\";\ntag_summary = \"The host is installed with Opera and is prone to multiple\n vulnerabilities.\";\n\nif(description)\n{\n script_id(803146);\n script_version(\"$Revision: 6093 $\");\n script_cve_id(\"CVE-2012-6461\", \"CVE-2012-6462\", \"CVE-2012-6463\", \"CVE-2012-6464\",\n \"CVE-2012-6465\", \"CVE-2012-6466\", \"CVE-2012-6467\");\n script_bugtraq_id(57121, 56407, 57120, 57132);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-05-10 11:03:18 +0200 (Wed, 10 May 2017) $\");\n script_tag(name:\"creation_date\", value:\"2013-01-07 16:09:01 +0530 (Mon, 07 Jan 2013)\");\n script_name(\"Opera Multiple Vulnerabilities-03 Jan13 (Mac OS X)\");\n script_xref(name : \"URL\" , value : \"http://www.opera.com/support/kb/view/1034/\");\n script_xref(name : \"URL\" , value : \"http://www.opera.com/support/kb/view/1035/\");\n script_xref(name : \"URL\" , value : \"http://www.opera.com/support/kb/view/1033/\");\n script_xref(name : \"URL\" , value : \"http://www.opera.com/support/kb/view/1032/\");\n script_xref(name : \"URL\" , value : \"http://www.opera.com/support/kb/view/1031/\");\n script_xref(name : \"URL\" , value : \"http://www.opera.com/support/kb/view/1030/\");\n script_xref(name : \"URL\" , value : \"http://www.opera.com/support/kb/view/1029/\");\n script_xref(name : \"URL\" , value : \"http://www.opera.com/docs/changelogs/unified/1210/\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_opera_detect_macosx.nasl\", \"ssh_authorization_init.nasl\");\n script_require_keys(\"Opera/MacOSX/Version\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\ninclude(\"version_func.inc\");\n\noperaVer = \"\";\n\n## Get Opera version from KB\noperaVer = get_kb_item(\"Opera/MacOSX/Version\");\nif(!operaVer){\n exit(0);\n}\n\n## Check for opera versions prior to 12.10\nif(version_is_less(version:operaVer, test_version:\"12.10\")){\n security_message(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-17T13:38:41", "references": ["http://www.opera.com/docs/changelogs/unified/1210/", "http://www.opera.com/support/kb/view/1032/", "http://www.opera.com/support/kb/view/1030/", "http://www.opera.com/support/kb/view/1035/", "http://www.opera.com/support/kb/view/1029/", "http://www.opera.com/support/kb/view/1033/", "http://www.opera.com/support/kb/view/1031/", "http://www.opera.com/support/kb/view/1034/"], "pluginID": "1361412562310803144", "description": "The host is installed with Opera and is prone to multiple\n vulnerabilities.", "edition": 7, "reporter": "Copyright (c) 2013 Greenbone Networks GmbH", "published": "2013-01-07T00:00:00", "title": "Opera Multiple Vulnerabilities-03 Jan13 (Windows)", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 6.8}}, "naslFamily": "General", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-6463", "CVE-2012-6466", "CVE-2012-6462", "CVE-2012-6467", "CVE-2012-6461", "CVE-2012-6464", "CVE-2012-6465"], "modified": "2018-09-15T00:00:00", "id": "OPENVAS:1361412562310803144", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310803144", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_opera_mult_vuln03_jan13_win.nasl 11401 2018-09-15 08:45:50Z cfischer $\n#\n# Opera Multiple Vulnerabilities-03 Jan13 (Windows)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.803144\");\n script_version(\"$Revision: 11401 $\");\n script_cve_id(\"CVE-2012-6461\", \"CVE-2012-6462\", \"CVE-2012-6463\", \"CVE-2012-6464\",\n \"CVE-2012-6465\", \"CVE-2012-6466\", \"CVE-2012-6467\");\n script_bugtraq_id(57121, 56407, 57120, 57132);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-09-15 10:45:50 +0200 (Sat, 15 Sep 2018) $\");\n script_tag(name:\"creation_date\", value:\"2013-01-07 15:57:32 +0530 (Mon, 07 Jan 2013)\");\n script_name(\"Opera Multiple Vulnerabilities-03 Jan13 (Windows)\");\n script_xref(name:\"URL\", value:\"http://www.opera.com/support/kb/view/1034/\");\n script_xref(name:\"URL\", value:\"http://www.opera.com/support/kb/view/1035/\");\n script_xref(name:\"URL\", value:\"http://www.opera.com/support/kb/view/1033/\");\n script_xref(name:\"URL\", value:\"http://www.opera.com/support/kb/view/1032/\");\n script_xref(name:\"URL\", value:\"http://www.opera.com/support/kb/view/1031/\");\n script_xref(name:\"URL\", value:\"http://www.opera.com/support/kb/view/1030/\");\n script_xref(name:\"URL\", value:\"http://www.opera.com/support/kb/view/1029/\");\n script_xref(name:\"URL\", value:\"http://www.opera.com/docs/changelogs/unified/1210/\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"gb_opera_detect_portable_win.nasl\");\n script_mandatory_keys(\"Opera/Win/Version\");\n script_tag(name:\"impact\", value:\"Successful exploitation will let the attacker crash the browser leading to\n denial of service, execute the arbitrary code or disclose the information.\");\n script_tag(name:\"affected\", value:\"Opera version before 12.10 on Windows\");\n script_tag(name:\"insight\", value:\"- Internet shortcuts used for phishing in '<img>' elements.\n\n - Specially crafted WebP images can be used to disclose random chunks\n of memory.\n\n - Specially crafted SVG images can allow execution of arbitrary code.\n\n - Cross domain access to object constructors can be used to facilitate\n cross-site scripting.\n\n - Data URIs can be used to facilitate Cross-Site Scripting.\n\n - CORS requests can incorrectly retrieve contents of cross origin pages.\n\n - Certificate revocation service failure may cause Opera to show an\n unverified site as secur.\");\n script_tag(name:\"solution\", value:\"Upgrade to Opera version 12.10 or later,\n For updates refer to http://www.opera.com/\");\n script_tag(name:\"summary\", value:\"The host is installed with Opera and is prone to multiple\n vulnerabilities.\");\n script_tag(name:\"qod_type\", value:\"registry\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\n\noperaVer = get_kb_item(\"Opera/Win/Version\");\nif(!operaVer){\n exit(0);\n}\n\nif(version_is_less(version:operaVer, test_version:\"12.10\")){\n security_message( port: 0, data: \"The target host was found to be vulnerable\" );\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-07-02T21:11:11", "references": ["http://www.opera.com/docs/changelogs/unified/1210/", "http://www.opera.com/support/kb/view/1032/", "http://www.opera.com/support/kb/view/1030/", "http://www.opera.com/support/kb/view/1035/", "http://www.opera.com/support/kb/view/1029/", "http://www.opera.com/support/kb/view/1033/", "http://www.opera.com/support/kb/view/1031/", "http://www.opera.com/support/kb/view/1034/"], "pluginID": "803145", "description": "The host is installed with Opera and is prone to multiple\n vulnerabilities.", "edition": 1, "reporter": "Copyright (c) 2013 Greenbone Networks GmbH", "published": "2013-01-07T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 6.8}}, "title": "Opera Multiple Vulnerabilities-03 Jan13 (Linux)", "type": "openvas", "naslFamily": "General", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-6463", "CVE-2012-6466", "CVE-2012-6462", "CVE-2012-6467", "CVE-2012-6461", "CVE-2012-6464", "CVE-2012-6465"], "modified": "2017-05-04T00:00:00", "href": "http://plugins.openvas.org/nasl.php?oid=803145", "id": "OPENVAS:803145", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n# $Id: gb_opera_mult_vuln03_jan13_lin.nasl 6065 2017-05-04 09:03:08Z teissa $\n#\n# Opera Multiple Vulnerabilities-03 Jan13 (Linux)\n#\n# Authors:\n# Antu Sanadi <santu@secpod.com>\n#\n# Copyright:\n# Copyright (c) 2013 Greenbone Networks GmbH, http://www.greenbone.net\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\ntag_impact = \"Successful exploitation will let the attacker crash the browser leading to\n denial of service, execute the arbitrary code or disclose the information.\n Impact Level: System/Application\";\n\ntag_affected = \"Opera version before 12.10 on Linux\";\ntag_insight = \"- Internet shortcuts used for phishing in '<img>' elements.\n - Specially crafted WebP images can be used to disclose random chunks\n of memory.\n - Specially crafted SVG images can allow execution of arbitrary code.\n - Cross domain access to object constructors can be used to facilitate\n cross-site scripting.\n - Data URIs can be used to facilitate Cross-Site Scripting.\n - CORS requests can incorrectly retrieve contents of cross origin pages.\n - Certificate revocation service failure may cause Opera to show an\n unverified site as secur.\";\ntag_solution = \"Upgrade to Opera version 12.10 or later,\n For updates refer to http://www.opera.com/\";\ntag_summary = \"The host is installed with Opera and is prone to multiple\n vulnerabilities.\";\n\nif(description)\n{\n script_id(803145);\n script_version(\"$Revision: 6065 $\");\n script_cve_id(\"CVE-2012-6461\", \"CVE-2012-6462\", \"CVE-2012-6463\", \"CVE-2012-6464\",\n \"CVE-2012-6465\", \"CVE-2012-6466\", \"CVE-2012-6467\");\n script_bugtraq_id(57121, 56407, 57120, 57132);\n script_tag(name:\"cvss_base\", value:\"9.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-05-04 11:03:08 +0200 (Thu, 04 May 2017) $\");\n script_tag(name:\"creation_date\", value:\"2013-01-07 16:09:01 +0530 (Mon, 07 Jan 2013)\");\n script_name(\"Opera Multiple Vulnerabilities-03 Jan13 (Linux)\");\n script_xref(name : \"URL\" , value : \"http://www.opera.com/support/kb/view/1034/\");\n script_xref(name : \"URL\" , value : \"http://www.opera.com/support/kb/view/1035/\");\n script_xref(name : \"URL\" , value : \"http://www.opera.com/support/kb/view/1033/\");\n script_xref(name : \"URL\" , value : \"http://www.opera.com/support/kb/view/1032/\");\n script_xref(name : \"URL\" , value : \"http://www.opera.com/support/kb/view/1031/\");\n script_xref(name : \"URL\" , value : \"http://www.opera.com/support/kb/view/1030/\");\n script_xref(name : \"URL\" , value : \"http://www.opera.com/support/kb/view/1029/\");\n script_xref(name : \"URL\" , value : \"http://www.opera.com/docs/changelogs/unified/1210/\");\n\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2013 Greenbone Networks GmbH\");\n script_family(\"General\");\n script_dependencies(\"secpod_opera_detection_linux_900037.nasl\",\n \"ssh_authorization_init.nasl\");\n script_require_keys(\"Opera/Linux/Version\");\n script_tag(name : \"impact\" , value : tag_impact);\n script_tag(name : \"affected\" , value : tag_affected);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"executable_version\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n\ninclude(\"version_func.inc\");\n\n## Variable Initialization\noperaVer = NULL;\n\n## Get the version\noperaVer = get_kb_item(\"Opera/Linux/Version\");\nif(!operaVer){\n exit(0);\n}\n\n## Check for opera versions prior to 12.10\nif(version_is_less(version:operaVer, test_version:\"12.10\")){\n security_message(0);\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-01T23:50:41", "references": ["https://security.gentoo.org/glsa/201406-14"], "pluginID": "1361412562310121217", "description": "Gentoo Linux Local Security Checks https://security.gentoo.org/glsa/201406-14", "edition": 5, "reporter": "Eero Volotinen", "published": "2015-09-29T00:00:00", "title": "Gentoo Linux Local Check: https://security.gentoo.org/glsa/201406-14", "type": "openvas", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "naslFamily": "Gentoo Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-6472", "CVE-2013-1638", "CVE-2012-6470", "CVE-2012-6468", "CVE-2012-6469", "CVE-2012-6463", "CVE-2013-1639", "CVE-2012-6471", "CVE-2012-6466", "CVE-2013-1618", "CVE-2012-6462", "CVE-2012-6467", "CVE-2013-1637", "CVE-2012-6461", "CVE-2012-6464", "CVE-2012-6465"], "modified": "2018-04-06T00:00:00", "id": "OPENVAS:1361412562310121217", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310121217", "sourceData": "# OpenVAS Vulnerability Test\n# Description: Gentoo Linux security check\n# $Id: glsa-201406-14.nasl 9374 2018-04-06 08:58:12Z cfischer $\n\n# Authors:\n# Eero Volotinen <eero.volotinen@solinor.com>\n#\n# Copyright:\n# Copyright (c) 2015 Eero Volotinen, http://solinor.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2\n# (or any later version), as published by the Free Software Foundation.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\nif(description)\n {\nscript_oid(\"1.3.6.1.4.1.25623.1.0.121217\");\nscript_version(\"$Revision: 9374 $\");\nscript_tag(name:\"creation_date\", value:\"2015-09-29 11:27:22 +0300 (Tue, 29 Sep 2015)\");\nscript_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 10:58:12 +0200 (Fri, 06 Apr 2018) $\");\nscript_name(\"Gentoo Linux Local Check: https://security.gentoo.org/glsa/201406-14\");\nscript_tag(name: \"insight\", value: \"Multiple vulnerabilities have been discovered in Opera. Please review the CVE identifiers referenced below for details.\"); \nscript_tag(name : \"solution\", value : \"update software\");\nscript_tag(name : \"solution_type\", value : \"VendorFix\");\nscript_xref(name : \"URL\" , value : \"https://security.gentoo.org/glsa/201406-14\");\nscript_cve_id(\"CVE-2012-6461\",\"CVE-2012-6462\",\"CVE-2012-6463\",\"CVE-2012-6464\",\"CVE-2012-6465\",\"CVE-2012-6466\",\"CVE-2012-6467\",\"CVE-2012-6468\",\"CVE-2012-6469\",\"CVE-2012-6470\",\"CVE-2012-6471\",\"CVE-2012-6472\",\"CVE-2013-1618\",\"CVE-2013-1637\",\"CVE-2013-1638\",\"CVE-2013-1639\");\nscript_tag(name:\"cvss_base\", value:\"9.3\");\nscript_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:C/I:C/A:C\");\nscript_tag(name:\"qod_type\", value:\"package\");\nscript_dependencies(\"gather-package-list.nasl\");\nscript_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\nscript_category(ACT_GATHER_INFO);\nscript_tag(name:\"summary\", value:\"Gentoo Linux Local Security Checks https://security.gentoo.org/glsa/201406-14\");\nscript_copyright(\"Eero Volotinen\");\nscript_family(\"Gentoo Local Security Checks\");\nexit(0);\n}\ninclude(\"revisions-lib.inc\");\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\n\nif((res=ispkgvuln(pkg:\"www-client/opera\", unaffected: make_list(\"ge 12.13_p1734\"), vulnerable: make_list(\"lt 12.13_p1734\"))) != NULL) {\n\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "nessus": [{"lastseen": "2018-09-01T23:48:41", "references": ["http://www.opera.com/docs/changelogs/unified/1210/", "http://www.opera.com/support/kb/view/1032/", "http://www.opera.com/support/kb/view/1030/", "http://www.opera.com/support/kb/view/1035/", "http://www.opera.com/support/kb/view/1029/", "http://www.opera.com/support/kb/view/1033/", "http://www.opera.com/support/kb/view/1031/", "http://www.opera.com/support/kb/view/1034/"], "pluginID": "62821", "description": "The version of Opera installed on the remote host is earlier than 12.10 and is, therefore, reportedly affected by the following vulnerabilities : \n\n - An error exists related to certificate revocation checking that can allow the application to indicate that a site is secure even though the check has not completed. (1029)\n\n - An error exists related to Cross-Origin Resource Sharing (CORS) handling that can allow specially crafted requests to aid in disclosing sensitive data. (1030)\n\n - An error exists related to data URIs that allows bypassing of the 'Same Origin Policy' and cross-site scripting attacks. (1031)\n\n - An error exists related to JavaScript and native objects that allows domains to override methods of other domains. This error can aid in cross-site scripting attacks. (1032)\n\n - An error exists related to SVG image handling that can result in arbitrary code execution. (1033)\n\n - An error exists related to the handling of shortcuts in inline elements that can cause the application to be redirected to malicious pages. This error can aid in phishing attacks. (1034)\n\n - An error exists related to the handling of 'WebP' images that can allow disclosure of memory contents.\n (1035)", "edition": 5, "reporter": "Tenable", "published": "2012-11-06T00:00:00", "title": "Opera < 12.10 Multiple Vulnerabilities", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 6.8}}, "naslFamily": "Windows", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-6463", "CVE-2012-6466", "CVE-2012-6462", "CVE-2012-6467", "CVE-2012-6461", "CVE-2012-6464", "CVE-2012-6465"], "modified": "2018-07-16T00:00:00", "cpe": ["cpe:/a:opera:opera_browser"], "id": "OPERA_1210.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=62821", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(62821);\n script_version(\"1.10\");\n script_cvs_date(\"Date: 2018/07/16 14:09:15\");\n\n script_cve_id(\n \"CVE-2012-6461\",\n \"CVE-2012-6462\",\n \"CVE-2012-6463\",\n \"CVE-2012-6464\",\n \"CVE-2012-6465\",\n \"CVE-2012-6466\",\n \"CVE-2012-6467\"\n );\n script_bugtraq_id(56407, 57120, 57121, 57132);\n\n script_name(english:\"Opera < 12.10 Multiple Vulnerabilities\");\n script_summary(english:\"Checks version number of Opera\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote host contains a web browser that is affected by\nmultiple vulnerabilities.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of Opera installed on the remote host is earlier than\n12.10 and is, therefore, reportedly affected by the following\nvulnerabilities : \n\n - An error exists related to certificate revocation\n checking that can allow the application to indicate\n that a site is secure even though the check has not\n completed. (1029)\n\n - An error exists related to Cross-Origin Resource\n Sharing (CORS) handling that can allow specially\n crafted requests to aid in disclosing sensitive\n data. (1030)\n\n - An error exists related to data URIs that allows\n bypassing of the 'Same Origin Policy' and cross-site\n scripting attacks. (1031)\n\n - An error exists related to JavaScript and native\n objects that allows domains to override methods of\n other domains. This error can aid in cross-site\n scripting attacks. (1032)\n\n - An error exists related to SVG image handling that\n can result in arbitrary code execution. (1033)\n\n - An error exists related to the handling of shortcuts\n in inline elements that can cause the application to\n be redirected to malicious pages. This error can aid\n in phishing attacks. (1034)\n\n - An error exists related to the handling of 'WebP'\n images that can allow disclosure of memory contents.\n (1035)\"\n );\n script_set_attribute(attribute:\"see_also\", value:\"http://www.opera.com/support/kb/view/1029/\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.opera.com/support/kb/view/1030/\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.opera.com/support/kb/view/1031/\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.opera.com/support/kb/view/1032/\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.opera.com/support/kb/view/1033/\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.opera.com/support/kb/view/1034/\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.opera.com/support/kb/view/1035/\");\n script_set_attribute(attribute:\"see_also\", value:\"http://www.opera.com/docs/changelogs/unified/1210/\");\n script_set_attribute(attribute:\"solution\", value: \"Upgrade to Opera 12.10 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(20, 74, 79, 442, 629, 711, 712, 722, 725, 750, 751, 800, 801, 809, 811, 864, 900, 928, 931, 990);\n \n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2012/11/06\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2012/11/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2012/11/06\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:opera:opera_browser\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Windows\");\n\n script_copyright(english:\"This script is Copyright (C) 2012-2018 Tenable Network Security, Inc.\");\n\n script_dependencies(\"opera_installed.nasl\");\n script_require_keys(\"SMB/Opera/Version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\npath = get_kb_item_or_exit(\"SMB/Opera/Path\");\nversion = get_kb_item_or_exit(\"SMB/Opera/Version\");\nversion_ui = get_kb_item(\"SMB/Opera/Version_UI\");\n\nif (isnull(version_ui)) version_report = version;\nelse version_report = version_ui; \n\nfixed_version = \"12.10.1652.0\";\n\n# Check if we need to display full version info in case of Alpha/Beta/RC\nmajor_minor = eregmatch(string:version, pattern:\"^([0-9]+\\.[0-9]+)\");\nif (major_minor[1] == \"12.10\")\n{\n fixed_version_report = fixed_version;\n version_report = version;\n}\nelse fixed_version_report = \"12.10\";\n\nif (ver_compare(ver:version, fix:fixed_version) == -1)\n{\n port = get_kb_item(\"SMB/transport\");\n set_kb_item(name: 'www/'+port+'/XSS', value: TRUE);\n if (report_verbosity > 0)\n {\n report = \n '\\n Path : ' + path +\n '\\n Installed version : ' + version_report +\n '\\n Fixed version : ' + fixed_version_report +\n '\\n';\n security_hole(port:port, extra:report);\n }\n else security_hole(port);\n exit(0);\n}\nelse audit(AUDIT_INST_PATH_NOT_VULN, \"Opera\", version_report, path);\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2018-09-02T00:05:24", "references": ["https://security.gentoo.org/glsa/201406-14"], "pluginID": "76065", "description": "The remote host is affected by the vulnerability described in GLSA-201406-14 (Opera: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Opera. Please review the CVE identifiers referenced below for details.\n Impact :\n\n A remote attacker could entice a user to open a specially crafted web page using Opera, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition.\n Furthermore, a remote attacker may be able to obtain sensitive information, conduct Cross-Site Scripting (XSS) attacks, or bypass security restrictions.\n A local attacker may be able to obtain sensitive information.\n Workaround :\n\n There is no known workaround at this time.", "edition": 4, "reporter": "Tenable", "published": "2014-06-16T00:00:00", "title": "GLSA-201406-14 : Opera: Multiple vulnerabilities", "type": "nessus", "enchantments": {"score": {"vector": "NONE", "value": 6.8}}, "naslFamily": "Gentoo Local Security Checks", "bulletinFamily": "scanner", "cvelist": ["CVE-2012-6472", "CVE-2013-1638", "CVE-2012-6470", "CVE-2012-6468", "CVE-2012-6469", "CVE-2012-6463", "CVE-2013-1639", "CVE-2012-6471", "CVE-2012-6466", "CVE-2013-1618", "CVE-2012-6462", "CVE-2012-6467", "CVE-2013-1637", "CVE-2012-6461", "CVE-2012-6464", "CVE-2012-6465"], "modified": "2015-04-13T00:00:00", "cpe": ["p-cpe:/a:gentoo:linux:opera", "cpe:/o:gentoo:linux"], "id": "GENTOO_GLSA-201406-14.NASL", "href": "https://www.tenable.com/plugins/index.php?view=single&id=76065", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Gentoo Linux Security Advisory GLSA 201406-14.\n#\n# The advisory text is Copyright (C) 2001-2015 Gentoo Foundation, Inc.\n# and licensed under the Creative Commons - Attribution / Share Alike \n# license. See http://creativecommons.org/licenses/by-sa/3.0/\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(76065);\n script_version(\"$Revision: 1.3 $\");\n script_cvs_date(\"$Date: 2015/04/13 14:27:08 $\");\n\n script_cve_id(\"CVE-2012-6461\", \"CVE-2012-6462\", \"CVE-2012-6463\", \"CVE-2012-6464\", \"CVE-2012-6465\", \"CVE-2012-6466\", \"CVE-2012-6467\", \"CVE-2012-6468\", \"CVE-2012-6469\", \"CVE-2012-6470\", \"CVE-2012-6471\", \"CVE-2012-6472\", \"CVE-2013-1618\", \"CVE-2013-1637\", \"CVE-2013-1638\", \"CVE-2013-1639\");\n script_bugtraq_id(56407, 56594, 56788, 56980, 56984, 57120, 57121, 57132, 57633, 57773);\n script_xref(name:\"GLSA\", value:\"201406-14\");\n\n script_name(english:\"GLSA-201406-14 : Opera: Multiple vulnerabilities\");\n script_summary(english:\"Checks for updated package(s) in /var/db/pkg\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\n\"The remote Gentoo host is missing one or more security-related\npatches.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"The remote host is affected by the vulnerability described in GLSA-201406-14\n(Opera: Multiple vulnerabilities)\n\n Multiple vulnerabilities have been discovered in Opera. Please review\n the CVE identifiers referenced below for details.\n \nImpact :\n\n A remote attacker could entice a user to open a specially crafted web\n page using Opera, possibly resulting in execution of arbitrary code with\n the privileges of the process or a Denial of Service condition.\n Furthermore, a remote attacker may be able to obtain sensitive\n information, conduct Cross-Site Scripting (XSS) attacks, or bypass\n security restrictions.\n A local attacker may be able to obtain sensitive information.\n \nWorkaround :\n\n There is no known workaround at this time.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security.gentoo.org/glsa/201406-14\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"All Opera users should upgrade to the latest version:\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=www-client/opera-12.13_p1734'\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:ND/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:gentoo:linux:opera\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:gentoo:linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2014/06/15\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2014/06/16\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2014-2015 Tenable Network Security, Inc.\");\n script_family(english:\"Gentoo Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Gentoo/release\", \"Host/Gentoo/qpkg-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"qpkg.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Gentoo/release\")) audit(AUDIT_OS_NOT, \"Gentoo\");\nif (!get_kb_item(\"Host/Gentoo/qpkg-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (qpkg_check(package:\"www-client/opera\", unaffected:make_list(\"ge 12.13_p1734\"), vulnerable:make_list(\"lt 12.13_p1734\"))) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:qpkg_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = qpkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"Opera\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "cve": [{"lastseen": "2017-11-09T12:22:40", "references": ["http://www.opera.com/docs/changelogs/unified/1210/", "http://www.opera.com/support/kb/view/1033/"], "edition": 3, "description": "Opera before 12.10 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a malformed SVG image.", "reporter": "NVD", "published": "2013-01-02T06:46:22", "title": "CVE-2012-6465", "type": "cve", "enchantments": {"score": {"vector": "NONE", "value": 6.8}}, "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2012-6465"], "scanner": [], "cpe": ["cpe:/a:opera:opera_browser:9.61", "cpe:/a:opera:opera_browser:4.00:beta3", "cpe:/a:opera:opera_browser:11.10", "cpe:/a:opera:opera_browser:8.53", "cpe:/a:opera:opera_browser:3.21", "cpe:/a:opera:opera_browser:10.60:beta1", "cpe:/a:opera:opera_browser:7.50:beta1", "cpe:/a:opera:opera_browser:5.0:beta4", "cpe:/a:opera:opera_browser:3.62", "cpe:/a:opera:opera_browser:5.0:beta3", "cpe:/a:opera:opera_browser:5.0:beta2", "cpe:/a:opera:opera_browser:7.21", "cpe:/a:opera:opera_browser:4.00:beta6", "cpe:/a:opera:opera_browser:7.50", "cpe:/a:opera:opera_browser:10.60:alpha", "cpe:/a:opera:opera_browser:5.0:beta7", "cpe:/a:opera:opera_browser:11.50", "cpe:/a:opera:opera_browser:11.65", "cpe:/a:opera:opera_browser:9.27", "cpe:/a:opera:opera_browser:7.03", "cpe:/a:opera:opera_browser:5.11", "cpe:/a:opera:opera_browser:7.54:update1", "cpe:/a:opera:opera_browser:11.00:beta", "cpe:/a:opera:opera_browser:8.0", "cpe:/a:opera:opera_browser:3.62:beta", "cpe:/a:opera:opera_browser:1.00", "cpe:/a:opera:opera_browser:8.54", "cpe:/a:opera:opera_browser:12.00", "cpe:/a:opera:opera_browser:7.51", "cpe:/a:opera:opera_browser:10.61", "cpe:/a:opera:opera_browser:9.64", "cpe:/a:opera:opera_browser:7.22", "cpe:/a:opera:opera_browser:8.50", "cpe:/a:opera:opera_browser:6.06", "cpe:/a:opera:opera_browser:5.0:beta6", "cpe:/a:opera:opera_browser:9.0", "cpe:/a:opera:opera_browser:9.20", "cpe:/a:opera:opera_browser:10.52:beta2", "cpe:/a:opera:opera_browser:10.10", "cpe:/a:opera:opera_browser:5.0:beta5", "cpe:/a:opera:opera_browser:9.60:beta1", "cpe:/a:opera:opera_browser:11.50:beta", "cpe:/a:opera:opera_browser:7.20", "cpe:/a:opera:opera_browser:12.01", "cpe:/a:opera:opera_browser:7.0", "cpe:/a:opera:opera_browser:10.63", "cpe:/a:opera:opera_browser:6.1:beta1", "cpe:/a:opera:opera_browser:3.51", "cpe:/a:opera:opera_browser:7.10:beta1", "cpe:/a:opera:opera_browser:2.00", "cpe:/a:opera:opera_browser:3.50", "cpe:/a:opera:opera_browser:9.26", "cpe:/a:opera:opera_browser:9.50:beta2", "cpe:/a:opera:opera_browser:10.54", "cpe:/a:opera:opera_browser:2.10", "cpe:/a:opera:opera_browser:10.52", "cpe:/a:opera:opera_browser:2.12", "cpe:/a:opera:opera_browser:4.02", "cpe:/a:opera:opera_browser:6.0:tp2", "cpe:/a:opera:opera_browser:10.11", "cpe:/a:opera:opera_browser:9.63", "cpe:/a:opera:opera_browser:4.00:beta4", "cpe:/a:opera:opera_browser:6.11", "cpe:/a:opera:opera_browser:11.60:beta", "cpe:/a:opera:opera_browser:8.0:beta1", "cpe:/a:opera:opera_browser:9.0:beta1", "cpe:/a:opera:opera_browser:10.60", "cpe:/a:opera:opera_browser:9.23", "cpe:/a:opera:opera_browser:11.10:beta", "cpe:/a:opera:opera_browser:12.02", "cpe:/a:opera:opera_browser:4.00:beta5", "cpe:/a:opera:opera_browser:8.02", "cpe:/a:opera:opera_browser:6.02", "cpe:/a:opera:opera_browser:10.50:beta2", "cpe:/a:opera:opera_browser:7.54:update2", "cpe:/a:opera:opera_browser:10.50:beta1", "cpe:/a:opera:opera_browser:5.0:beta8", "cpe:/a:opera:opera_browser:5.02", "cpe:/a:opera:opera_browser:11.51", "cpe:/a:opera:opera_browser:10.52:beta1", "cpe:/a:opera:opera_browser:7.0:beta2", "cpe:/a:opera:opera_browser:10.00", "cpe:/a:opera:opera_browser:6.0:beta1", "cpe:/a:opera:opera_browser:5.0", "cpe:/a:opera:opera_browser:8.51", "cpe:/a:opera:opera_browser:7.0:beta1_v2", "cpe:/a:opera:opera_browser:8.01", "cpe:/a:opera:opera_browser:9.25", "cpe:/a:opera:opera_browser:6.04", "cpe:/a:opera:opera_browser:6.0:beta3", "cpe:/a:opera:opera_browser:9.50", "cpe:/a:opera:opera_browser:4.01", "cpe:/a:opera:opera_browser:12.00:beta", "cpe:/a:opera:opera_browser:2.10:beta1", "cpe:/a:opera:opera_browser:6.0:tp1", "cpe:/a:opera:opera_browser:11.60", "cpe:/a:opera:opera_browser:9.60", "cpe:/a:opera:opera_browser:9.20:beta1", "cpe:/a:opera:opera_browser:10.10:beta1", "cpe:/a:opera:opera_browser:3.00:beta", "cpe:/a:opera:opera_browser:10.00:beta1", "cpe:/a:opera:opera_browser:11.64", "cpe:/a:opera:opera_browser:6.01", "cpe:/a:opera:opera_browser:9.21", "cpe:/a:opera:opera_browser:10.51", "cpe:/a:opera:opera_browser:11.52", "cpe:/a:opera:opera_browser:11.61", "cpe:/a:opera:opera_browser:7.0:beta1", "cpe:/a:opera:opera_browser:6.0:tp3", "cpe:/a:opera:opera_browser:11.62", "cpe:/a:opera:opera_browser:6.03", "cpe:/a:opera:opera_browser:9.50:beta1", "cpe:/a:opera:opera_browser:7.20:beta7", "cpe:/a:opera:opera_browser:3.00", "cpe:/a:opera:opera_browser:9.52", "cpe:/a:opera:opera_browser:10.50", "cpe:/a:opera:opera_browser:9.12", "cpe:/a:opera:opera_browser:9.24", "cpe:/a:opera:opera_browser:2.10:beta3", "cpe:/a:opera:opera_browser:7.52", "cpe:/a:opera:opera_browser:10.20:alpha", "cpe:/a:opera:opera_browser:11.11", "cpe:/a:opera:opera_browser:11.01", "cpe:/a:opera:opera_browser:9.0:beta2", "cpe:/a:opera:opera_browser:7.11:beta2", "cpe:/a:opera:opera_browser:6.0:beta2", "cpe:/a:opera:opera_browser:10.00:beta2", "cpe:/a:opera:opera_browser:7.54", "cpe:/a:opera:opera_browser:7.60", "cpe:/a:opera:opera_browser:9.62", "cpe:/a:opera:opera_browser:6.12", "cpe:/a:opera:opera_browser:9.51", "cpe:/a:opera:opera_browser:6.0", "cpe:/a:opera:opera_browser:10.01", "cpe:/a:opera:opera_browser:8.0:beta2", "cpe:/a:opera:opera_browser:7.10", "cpe:/a:opera:opera_browser:7.53", "cpe:/a:opera:opera_browser:11.52.1100", "cpe:/a:opera:opera_browser:4.00:beta2", "cpe:/a:opera:opera_browser:3.60", "cpe:/a:opera:opera_browser:5.10", "cpe:/a:opera:opera_browser:5.12", "cpe:/a:opera:opera_browser:10.53:b", "cpe:/a:opera:opera_browser:7.01", "cpe:/a:opera:opera_browser:10.00:beta3", "cpe:/a:opera:opera_browser:10.62", "cpe:/a:opera:opera_browser:9.02", "cpe:/a:opera:opera_browser:9.22", "cpe:/a:opera:opera_browser:3.10", "cpe:/a:opera:opera_browser:8.52", "cpe:/a:opera:opera_browser:3.61", "cpe:/a:opera:opera_browser:11.66", "cpe:/a:opera:opera_browser:9.10", "cpe:/a:opera:opera_browser:10.53", "cpe:/a:opera:opera_browser:2.10:beta2", "cpe:/a:opera:opera_browser:9.01", "cpe:/a:opera:opera_browser:11.00", "cpe:/a:opera:opera_browser:10.00:alpha", "cpe:/a:opera:opera_browser:8.0:beta3", "cpe:/a:opera:opera_browser:4.00", "cpe:/a:opera:opera_browser:6.05", "cpe:/a:opera:opera_browser:7.02", "cpe:/a:opera:opera_browser:7.11", "cpe:/a:opera:opera_browser:10.53:beta1", "cpe:/a:opera:opera_browser:7.23", "cpe:/a:opera:opera_browser:12.10:beta"], "modified": "2013-01-02T13:19:46", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-6465", "id": "CVE-2012-6465", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}, {"lastseen": "2017-11-09T12:22:40", "references": ["http://www.opera.com/docs/changelogs/unified/1210/", "http://www.opera.com/support/kb/view/1029/"], "edition": 3, "description": "The X.509 certificate-validation functionality in the https implementation in Opera before 12.10 allows remote attackers to trigger a false indication of successful revocation-status checking by causing a failure of a single checking service.", "reporter": "NVD", "published": "2013-01-02T06:46:22", "title": "CVE-2012-6461", "type": "cve", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2012-6461"], "scanner": [], "cpe": ["cpe:/a:opera:opera_browser:9.61", "cpe:/a:opera:opera_browser:4.00:beta3", "cpe:/a:opera:opera_browser:11.10", "cpe:/a:opera:opera_browser:8.53", "cpe:/a:opera:opera_browser:3.21", "cpe:/a:opera:opera_browser:10.60:beta1", "cpe:/a:opera:opera_browser:7.50:beta1", "cpe:/a:opera:opera_browser:5.0:beta4", "cpe:/a:opera:opera_browser:3.62", "cpe:/a:opera:opera_browser:5.0:beta3", "cpe:/a:opera:opera_browser:5.0:beta2", "cpe:/a:opera:opera_browser:7.21", "cpe:/a:opera:opera_browser:4.00:beta6", "cpe:/a:opera:opera_browser:7.50", "cpe:/a:opera:opera_browser:10.60:alpha", "cpe:/a:opera:opera_browser:5.0:beta7", "cpe:/a:opera:opera_browser:11.50", "cpe:/a:opera:opera_browser:11.65", "cpe:/a:opera:opera_browser:9.27", "cpe:/a:opera:opera_browser:7.03", "cpe:/a:opera:opera_browser:5.11", "cpe:/a:opera:opera_browser:7.54:update1", "cpe:/a:opera:opera_browser:11.00:beta", "cpe:/a:opera:opera_browser:8.0", "cpe:/a:opera:opera_browser:3.62:beta", "cpe:/a:opera:opera_browser:1.00", "cpe:/a:opera:opera_browser:8.54", "cpe:/a:opera:opera_browser:12.00", "cpe:/a:opera:opera_browser:7.51", "cpe:/a:opera:opera_browser:10.61", "cpe:/a:opera:opera_browser:9.64", "cpe:/a:opera:opera_browser:7.22", "cpe:/a:opera:opera_browser:8.50", "cpe:/a:opera:opera_browser:6.06", "cpe:/a:opera:opera_browser:5.0:beta6", "cpe:/a:opera:opera_browser:9.0", "cpe:/a:opera:opera_browser:9.20", "cpe:/a:opera:opera_browser:10.52:beta2", "cpe:/a:opera:opera_browser:10.10", "cpe:/a:opera:opera_browser:5.0:beta5", "cpe:/a:opera:opera_browser:9.60:beta1", "cpe:/a:opera:opera_browser:11.50:beta", "cpe:/a:opera:opera_browser:7.20", "cpe:/a:opera:opera_browser:12.01", "cpe:/a:opera:opera_browser:7.0", "cpe:/a:opera:opera_browser:10.63", "cpe:/a:opera:opera_browser:6.1:beta1", "cpe:/a:opera:opera_browser:3.51", "cpe:/a:opera:opera_browser:7.10:beta1", "cpe:/a:opera:opera_browser:2.00", "cpe:/a:opera:opera_browser:3.50", "cpe:/a:opera:opera_browser:9.26", "cpe:/a:opera:opera_browser:9.50:beta2", "cpe:/a:opera:opera_browser:10.54", "cpe:/a:opera:opera_browser:2.10", "cpe:/a:opera:opera_browser:10.52", "cpe:/a:opera:opera_browser:2.12", "cpe:/a:opera:opera_browser:4.02", "cpe:/a:opera:opera_browser:6.0:tp2", "cpe:/a:opera:opera_browser:10.11", "cpe:/a:opera:opera_browser:9.63", "cpe:/a:opera:opera_browser:4.00:beta4", "cpe:/a:opera:opera_browser:6.11", "cpe:/a:opera:opera_browser:11.60:beta", "cpe:/a:opera:opera_browser:8.0:beta1", "cpe:/a:opera:opera_browser:9.0:beta1", "cpe:/a:opera:opera_browser:10.60", "cpe:/a:opera:opera_browser:9.23", "cpe:/a:opera:opera_browser:11.10:beta", "cpe:/a:opera:opera_browser:12.02", "cpe:/a:opera:opera_browser:4.00:beta5", "cpe:/a:opera:opera_browser:8.02", "cpe:/a:opera:opera_browser:6.02", "cpe:/a:opera:opera_browser:10.50:beta2", "cpe:/a:opera:opera_browser:7.54:update2", "cpe:/a:opera:opera_browser:10.50:beta1", "cpe:/a:opera:opera_browser:5.0:beta8", "cpe:/a:opera:opera_browser:5.02", "cpe:/a:opera:opera_browser:11.51", "cpe:/a:opera:opera_browser:10.52:beta1", "cpe:/a:opera:opera_browser:7.0:beta2", "cpe:/a:opera:opera_browser:10.00", "cpe:/a:opera:opera_browser:6.0:beta1", "cpe:/a:opera:opera_browser:5.0", "cpe:/a:opera:opera_browser:8.51", "cpe:/a:opera:opera_browser:7.0:beta1_v2", "cpe:/a:opera:opera_browser:8.01", "cpe:/a:opera:opera_browser:9.25", "cpe:/a:opera:opera_browser:6.04", "cpe:/a:opera:opera_browser:6.0:beta3", "cpe:/a:opera:opera_browser:9.50", "cpe:/a:opera:opera_browser:4.01", "cpe:/a:opera:opera_browser:12.00:beta", "cpe:/a:opera:opera_browser:2.10:beta1", "cpe:/a:opera:opera_browser:6.0:tp1", "cpe:/a:opera:opera_browser:11.60", "cpe:/a:opera:opera_browser:9.60", "cpe:/a:opera:opera_browser:9.20:beta1", "cpe:/a:opera:opera_browser:10.10:beta1", "cpe:/a:opera:opera_browser:3.00:beta", "cpe:/a:opera:opera_browser:10.00:beta1", "cpe:/a:opera:opera_browser:11.64", "cpe:/a:opera:opera_browser:6.01", "cpe:/a:opera:opera_browser:9.21", "cpe:/a:opera:opera_browser:10.51", "cpe:/a:opera:opera_browser:11.52", "cpe:/a:opera:opera_browser:11.61", "cpe:/a:opera:opera_browser:7.0:beta1", "cpe:/a:opera:opera_browser:6.0:tp3", "cpe:/a:opera:opera_browser:11.62", "cpe:/a:opera:opera_browser:6.03", "cpe:/a:opera:opera_browser:9.50:beta1", "cpe:/a:opera:opera_browser:7.20:beta7", "cpe:/a:opera:opera_browser:3.00", "cpe:/a:opera:opera_browser:9.52", "cpe:/a:opera:opera_browser:10.50", "cpe:/a:opera:opera_browser:9.12", "cpe:/a:opera:opera_browser:9.24", "cpe:/a:opera:opera_browser:2.10:beta3", "cpe:/a:opera:opera_browser:7.52", "cpe:/a:opera:opera_browser:10.20:alpha", "cpe:/a:opera:opera_browser:11.11", "cpe:/a:opera:opera_browser:11.01", "cpe:/a:opera:opera_browser:9.0:beta2", "cpe:/a:opera:opera_browser:7.11:beta2", "cpe:/a:opera:opera_browser:6.0:beta2", "cpe:/a:opera:opera_browser:10.00:beta2", "cpe:/a:opera:opera_browser:7.54", "cpe:/a:opera:opera_browser:7.60", "cpe:/a:opera:opera_browser:9.62", "cpe:/a:opera:opera_browser:6.12", "cpe:/a:opera:opera_browser:9.51", "cpe:/a:opera:opera_browser:6.0", "cpe:/a:opera:opera_browser:10.01", "cpe:/a:opera:opera_browser:8.0:beta2", "cpe:/a:opera:opera_browser:7.10", "cpe:/a:opera:opera_browser:7.53", "cpe:/a:opera:opera_browser:11.52.1100", "cpe:/a:opera:opera_browser:4.00:beta2", "cpe:/a:opera:opera_browser:3.60", "cpe:/a:opera:opera_browser:5.10", "cpe:/a:opera:opera_browser:5.12", "cpe:/a:opera:opera_browser:10.53:b", "cpe:/a:opera:opera_browser:7.01", "cpe:/a:opera:opera_browser:10.00:beta3", "cpe:/a:opera:opera_browser:10.62", "cpe:/a:opera:opera_browser:9.02", "cpe:/a:opera:opera_browser:9.22", "cpe:/a:opera:opera_browser:3.10", "cpe:/a:opera:opera_browser:8.52", "cpe:/a:opera:opera_browser:3.61", "cpe:/a:opera:opera_browser:11.66", "cpe:/a:opera:opera_browser:9.10", "cpe:/a:opera:opera_browser:10.53", "cpe:/a:opera:opera_browser:2.10:beta2", "cpe:/a:opera:opera_browser:9.01", "cpe:/a:opera:opera_browser:11.00", "cpe:/a:opera:opera_browser:10.00:alpha", "cpe:/a:opera:opera_browser:8.0:beta3", "cpe:/a:opera:opera_browser:4.00", "cpe:/a:opera:opera_browser:6.05", "cpe:/a:opera:opera_browser:7.02", "cpe:/a:opera:opera_browser:7.11", "cpe:/a:opera:opera_browser:10.53:beta1", "cpe:/a:opera:opera_browser:7.23", "cpe:/a:opera:opera_browser:12.10:beta"], "modified": "2013-01-02T00:00:00", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-6461", "id": "CVE-2012-6461", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2017-11-09T12:22:40", "references": ["http://www.securityfocus.com/bid/57132", "http://www.opera.com/docs/changelogs/unified/1210/", "http://www.opera.com/support/kb/view/1034/"], "edition": 3, "description": "Opera before 12.10 follows Internet shortcuts that are referenced by a (1) IMG element or (2) other inline element, which makes it easier for remote attackers to conduct phishing attacks via a crafted web site, as exploited in the wild in November 2012.", "reporter": "NVD", "published": "2013-01-02T06:46:22", "title": "CVE-2012-6467", "type": "cve", "enchantments": {"score": {"vector": "NONE", "value": 4.3}}, "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2012-6467"], "scanner": [], "cpe": ["cpe:/a:opera:opera_browser:9.61", "cpe:/a:opera:opera_browser:4.00:beta3", "cpe:/a:opera:opera_browser:11.10", "cpe:/a:opera:opera_browser:8.53", "cpe:/a:opera:opera_browser:3.21", "cpe:/a:opera:opera_browser:10.60:beta1", "cpe:/a:opera:opera_browser:7.50:beta1", "cpe:/a:opera:opera_browser:5.0:beta4", "cpe:/a:opera:opera_browser:3.62", "cpe:/a:opera:opera_browser:5.0:beta3", "cpe:/a:opera:opera_browser:5.0:beta2", "cpe:/a:opera:opera_browser:7.21", "cpe:/a:opera:opera_browser:4.00:beta6", "cpe:/a:opera:opera_browser:7.50", "cpe:/a:opera:opera_browser:10.60:alpha", "cpe:/a:opera:opera_browser:5.0:beta7", "cpe:/a:opera:opera_browser:11.50", "cpe:/a:opera:opera_browser:11.65", "cpe:/a:opera:opera_browser:9.27", "cpe:/a:opera:opera_browser:7.03", "cpe:/a:opera:opera_browser:5.11", "cpe:/a:opera:opera_browser:7.54:update1", "cpe:/a:opera:opera_browser:11.00:beta", "cpe:/a:opera:opera_browser:8.0", "cpe:/a:opera:opera_browser:3.62:beta", "cpe:/a:opera:opera_browser:1.00", "cpe:/a:opera:opera_browser:8.54", "cpe:/a:opera:opera_browser:12.00", "cpe:/a:opera:opera_browser:7.51", "cpe:/a:opera:opera_browser:10.61", "cpe:/a:opera:opera_browser:9.64", "cpe:/a:opera:opera_browser:7.22", "cpe:/a:opera:opera_browser:8.50", "cpe:/a:opera:opera_browser:6.06", "cpe:/a:opera:opera_browser:5.0:beta6", "cpe:/a:opera:opera_browser:9.0", "cpe:/a:opera:opera_browser:9.20", "cpe:/a:opera:opera_browser:10.52:beta2", "cpe:/a:opera:opera_browser:10.10", "cpe:/a:opera:opera_browser:5.0:beta5", "cpe:/a:opera:opera_browser:9.60:beta1", "cpe:/a:opera:opera_browser:11.50:beta", "cpe:/a:opera:opera_browser:7.20", "cpe:/a:opera:opera_browser:12.01", "cpe:/a:opera:opera_browser:7.0", "cpe:/a:opera:opera_browser:10.63", "cpe:/a:opera:opera_browser:6.1:beta1", "cpe:/a:opera:opera_browser:3.51", "cpe:/a:opera:opera_browser:7.10:beta1", "cpe:/a:opera:opera_browser:2.00", "cpe:/a:opera:opera_browser:3.50", "cpe:/a:opera:opera_browser:9.26", "cpe:/a:opera:opera_browser:9.50:beta2", "cpe:/a:opera:opera_browser:10.54", "cpe:/a:opera:opera_browser:2.10", "cpe:/a:opera:opera_browser:10.52", "cpe:/a:opera:opera_browser:2.12", "cpe:/a:opera:opera_browser:4.02", "cpe:/a:opera:opera_browser:6.0:tp2", "cpe:/a:opera:opera_browser:10.11", "cpe:/a:opera:opera_browser:9.63", "cpe:/a:opera:opera_browser:4.00:beta4", "cpe:/a:opera:opera_browser:6.11", "cpe:/a:opera:opera_browser:11.60:beta", "cpe:/a:opera:opera_browser:8.0:beta1", "cpe:/a:opera:opera_browser:9.0:beta1", "cpe:/a:opera:opera_browser:10.60", "cpe:/a:opera:opera_browser:9.23", "cpe:/a:opera:opera_browser:11.10:beta", "cpe:/a:opera:opera_browser:12.02", "cpe:/a:opera:opera_browser:4.00:beta5", "cpe:/a:opera:opera_browser:8.02", "cpe:/a:opera:opera_browser:6.02", "cpe:/a:opera:opera_browser:10.50:beta2", "cpe:/a:opera:opera_browser:7.54:update2", "cpe:/a:opera:opera_browser:10.50:beta1", "cpe:/a:opera:opera_browser:5.0:beta8", "cpe:/a:opera:opera_browser:5.02", "cpe:/a:opera:opera_browser:11.51", "cpe:/a:opera:opera_browser:10.52:beta1", "cpe:/a:opera:opera_browser:7.0:beta2", "cpe:/a:opera:opera_browser:10.00", "cpe:/a:opera:opera_browser:6.0:beta1", "cpe:/a:opera:opera_browser:5.0", "cpe:/a:opera:opera_browser:8.51", "cpe:/a:opera:opera_browser:7.0:beta1_v2", "cpe:/a:opera:opera_browser:8.01", "cpe:/a:opera:opera_browser:9.25", "cpe:/a:opera:opera_browser:6.04", "cpe:/a:opera:opera_browser:6.0:beta3", "cpe:/a:opera:opera_browser:9.50", "cpe:/a:opera:opera_browser:4.01", "cpe:/a:opera:opera_browser:12.00:beta", "cpe:/a:opera:opera_browser:2.10:beta1", "cpe:/a:opera:opera_browser:6.0:tp1", "cpe:/a:opera:opera_browser:11.60", "cpe:/a:opera:opera_browser:9.60", "cpe:/a:opera:opera_browser:9.20:beta1", "cpe:/a:opera:opera_browser:10.10:beta1", "cpe:/a:opera:opera_browser:3.00:beta", "cpe:/a:opera:opera_browser:10.00:beta1", "cpe:/a:opera:opera_browser:11.64", "cpe:/a:opera:opera_browser:6.01", "cpe:/a:opera:opera_browser:9.21", "cpe:/a:opera:opera_browser:10.51", "cpe:/a:opera:opera_browser:11.52", "cpe:/a:opera:opera_browser:11.61", "cpe:/a:opera:opera_browser:7.0:beta1", "cpe:/a:opera:opera_browser:6.0:tp3", "cpe:/a:opera:opera_browser:11.62", "cpe:/a:opera:opera_browser:6.03", "cpe:/a:opera:opera_browser:9.50:beta1", "cpe:/a:opera:opera_browser:7.20:beta7", "cpe:/a:opera:opera_browser:3.00", "cpe:/a:opera:opera_browser:9.52", "cpe:/a:opera:opera_browser:10.50", "cpe:/a:opera:opera_browser:9.12", "cpe:/a:opera:opera_browser:9.24", "cpe:/a:opera:opera_browser:2.10:beta3", "cpe:/a:opera:opera_browser:7.52", "cpe:/a:opera:opera_browser:10.20:alpha", "cpe:/a:opera:opera_browser:11.11", "cpe:/a:opera:opera_browser:11.01", "cpe:/a:opera:opera_browser:9.0:beta2", "cpe:/a:opera:opera_browser:7.11:beta2", "cpe:/a:opera:opera_browser:6.0:beta2", "cpe:/a:opera:opera_browser:10.00:beta2", "cpe:/a:opera:opera_browser:7.54", "cpe:/a:opera:opera_browser:7.60", "cpe:/a:opera:opera_browser:9.62", "cpe:/a:opera:opera_browser:6.12", "cpe:/a:opera:opera_browser:9.51", "cpe:/a:opera:opera_browser:6.0", "cpe:/a:opera:opera_browser:10.01", "cpe:/a:opera:opera_browser:8.0:beta2", "cpe:/a:opera:opera_browser:7.10", "cpe:/a:opera:opera_browser:7.53", "cpe:/a:opera:opera_browser:11.52.1100", "cpe:/a:opera:opera_browser:4.00:beta2", "cpe:/a:opera:opera_browser:3.60", "cpe:/a:opera:opera_browser:5.10", "cpe:/a:opera:opera_browser:5.12", "cpe:/a:opera:opera_browser:10.53:b", "cpe:/a:opera:opera_browser:7.01", "cpe:/a:opera:opera_browser:10.00:beta3", "cpe:/a:opera:opera_browser:10.62", "cpe:/a:opera:opera_browser:9.02", "cpe:/a:opera:opera_browser:9.22", "cpe:/a:opera:opera_browser:3.10", "cpe:/a:opera:opera_browser:8.52", "cpe:/a:opera:opera_browser:3.61", "cpe:/a:opera:opera_browser:11.66", "cpe:/a:opera:opera_browser:9.10", "cpe:/a:opera:opera_browser:10.53", "cpe:/a:opera:opera_browser:2.10:beta2", "cpe:/a:opera:opera_browser:9.01", "cpe:/a:opera:opera_browser:11.00", "cpe:/a:opera:opera_browser:10.00:alpha", "cpe:/a:opera:opera_browser:8.0:beta3", "cpe:/a:opera:opera_browser:4.00", "cpe:/a:opera:opera_browser:6.05", "cpe:/a:opera:opera_browser:7.02", "cpe:/a:opera:opera_browser:7.11", "cpe:/a:opera:opera_browser:10.53:beta1", "cpe:/a:opera:opera_browser:7.23", "cpe:/a:opera:opera_browser:12.10:beta"], "modified": "2015-09-29T14:46:15", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-6467", "id": "CVE-2012-6467", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2017-11-09T12:22:40", "references": ["http://www.opera.com/docs/changelogs/unified/1210/", "http://www.opera.com/support/kb/view/1031/"], "edition": 3, "description": "Cross-site scripting (XSS) vulnerability in Opera before 12.10 allows remote attackers to inject arbitrary web script or HTML via vectors involving an unspecified sequence of loading of documents and loading of data: URLs.", "reporter": "NVD", "published": "2013-01-02T06:46:22", "title": "CVE-2012-6463", "type": "cve", "enchantments": {"score": {"vector": "NONE", "value": 4.3}}, "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2012-6463"], "scanner": [], "cpe": ["cpe:/a:opera:opera_browser:9.61", "cpe:/a:opera:opera_browser:4.00:beta3", "cpe:/a:opera:opera_browser:11.10", "cpe:/a:opera:opera_browser:8.53", "cpe:/a:opera:opera_browser:3.21", "cpe:/a:opera:opera_browser:10.60:beta1", "cpe:/a:opera:opera_browser:7.50:beta1", "cpe:/a:opera:opera_browser:5.0:beta4", "cpe:/a:opera:opera_browser:3.62", "cpe:/a:opera:opera_browser:5.0:beta3", "cpe:/a:opera:opera_browser:5.0:beta2", "cpe:/a:opera:opera_browser:7.21", "cpe:/a:opera:opera_browser:4.00:beta6", "cpe:/a:opera:opera_browser:7.50", "cpe:/a:opera:opera_browser:10.60:alpha", "cpe:/a:opera:opera_browser:5.0:beta7", "cpe:/a:opera:opera_browser:11.50", "cpe:/a:opera:opera_browser:11.65", "cpe:/a:opera:opera_browser:9.27", "cpe:/a:opera:opera_browser:7.03", "cpe:/a:opera:opera_browser:5.11", "cpe:/a:opera:opera_browser:7.54:update1", "cpe:/a:opera:opera_browser:11.00:beta", "cpe:/a:opera:opera_browser:8.0", "cpe:/a:opera:opera_browser:3.62:beta", "cpe:/a:opera:opera_browser:1.00", "cpe:/a:opera:opera_browser:8.54", "cpe:/a:opera:opera_browser:12.00", "cpe:/a:opera:opera_browser:7.51", "cpe:/a:opera:opera_browser:10.61", "cpe:/a:opera:opera_browser:9.64", "cpe:/a:opera:opera_browser:7.22", "cpe:/a:opera:opera_browser:8.50", "cpe:/a:opera:opera_browser:6.06", "cpe:/a:opera:opera_browser:5.0:beta6", "cpe:/a:opera:opera_browser:9.0", "cpe:/a:opera:opera_browser:9.20", "cpe:/a:opera:opera_browser:10.52:beta2", "cpe:/a:opera:opera_browser:10.10", "cpe:/a:opera:opera_browser:5.0:beta5", "cpe:/a:opera:opera_browser:9.60:beta1", "cpe:/a:opera:opera_browser:11.50:beta", "cpe:/a:opera:opera_browser:7.20", "cpe:/a:opera:opera_browser:12.01", "cpe:/a:opera:opera_browser:7.0", "cpe:/a:opera:opera_browser:10.63", "cpe:/a:opera:opera_browser:6.1:beta1", "cpe:/a:opera:opera_browser:3.51", "cpe:/a:opera:opera_browser:7.10:beta1", "cpe:/a:opera:opera_browser:2.00", "cpe:/a:opera:opera_browser:3.50", "cpe:/a:opera:opera_browser:9.26", "cpe:/a:opera:opera_browser:9.50:beta2", "cpe:/a:opera:opera_browser:10.54", "cpe:/a:opera:opera_browser:2.10", "cpe:/a:opera:opera_browser:10.52", "cpe:/a:opera:opera_browser:2.12", "cpe:/a:opera:opera_browser:4.02", "cpe:/a:opera:opera_browser:6.0:tp2", "cpe:/a:opera:opera_browser:10.11", "cpe:/a:opera:opera_browser:9.63", "cpe:/a:opera:opera_browser:4.00:beta4", "cpe:/a:opera:opera_browser:6.11", "cpe:/a:opera:opera_browser:11.60:beta", "cpe:/a:opera:opera_browser:8.0:beta1", "cpe:/a:opera:opera_browser:9.0:beta1", "cpe:/a:opera:opera_browser:10.60", "cpe:/a:opera:opera_browser:9.23", "cpe:/a:opera:opera_browser:11.10:beta", "cpe:/a:opera:opera_browser:12.02", "cpe:/a:opera:opera_browser:4.00:beta5", "cpe:/a:opera:opera_browser:8.02", "cpe:/a:opera:opera_browser:6.02", "cpe:/a:opera:opera_browser:10.50:beta2", "cpe:/a:opera:opera_browser:7.54:update2", "cpe:/a:opera:opera_browser:10.50:beta1", "cpe:/a:opera:opera_browser:5.0:beta8", "cpe:/a:opera:opera_browser:5.02", "cpe:/a:opera:opera_browser:11.51", "cpe:/a:opera:opera_browser:10.52:beta1", "cpe:/a:opera:opera_browser:7.0:beta2", "cpe:/a:opera:opera_browser:10.00", "cpe:/a:opera:opera_browser:6.0:beta1", "cpe:/a:opera:opera_browser:5.0", "cpe:/a:opera:opera_browser:8.51", "cpe:/a:opera:opera_browser:7.0:beta1_v2", "cpe:/a:opera:opera_browser:8.01", "cpe:/a:opera:opera_browser:9.25", "cpe:/a:opera:opera_browser:6.04", "cpe:/a:opera:opera_browser:6.0:beta3", "cpe:/a:opera:opera_browser:9.50", "cpe:/a:opera:opera_browser:4.01", "cpe:/a:opera:opera_browser:12.00:beta", "cpe:/a:opera:opera_browser:2.10:beta1", "cpe:/a:opera:opera_browser:6.0:tp1", "cpe:/a:opera:opera_browser:11.60", "cpe:/a:opera:opera_browser:9.60", "cpe:/a:opera:opera_browser:9.20:beta1", "cpe:/a:opera:opera_browser:10.10:beta1", "cpe:/a:opera:opera_browser:3.00:beta", "cpe:/a:opera:opera_browser:10.00:beta1", "cpe:/a:opera:opera_browser:11.64", "cpe:/a:opera:opera_browser:6.01", "cpe:/a:opera:opera_browser:9.21", "cpe:/a:opera:opera_browser:10.51", "cpe:/a:opera:opera_browser:11.52", "cpe:/a:opera:opera_browser:11.61", "cpe:/a:opera:opera_browser:7.0:beta1", "cpe:/a:opera:opera_browser:6.0:tp3", "cpe:/a:opera:opera_browser:11.62", "cpe:/a:opera:opera_browser:6.03", "cpe:/a:opera:opera_browser:9.50:beta1", "cpe:/a:opera:opera_browser:7.20:beta7", "cpe:/a:opera:opera_browser:3.00", "cpe:/a:opera:opera_browser:9.52", "cpe:/a:opera:opera_browser:10.50", "cpe:/a:opera:opera_browser:9.12", "cpe:/a:opera:opera_browser:9.24", "cpe:/a:opera:opera_browser:2.10:beta3", "cpe:/a:opera:opera_browser:7.52", "cpe:/a:opera:opera_browser:10.20:alpha", "cpe:/a:opera:opera_browser:11.11", "cpe:/a:opera:opera_browser:11.01", "cpe:/a:opera:opera_browser:9.0:beta2", "cpe:/a:opera:opera_browser:7.11:beta2", "cpe:/a:opera:opera_browser:6.0:beta2", "cpe:/a:opera:opera_browser:10.00:beta2", "cpe:/a:opera:opera_browser:7.54", "cpe:/a:opera:opera_browser:7.60", "cpe:/a:opera:opera_browser:9.62", "cpe:/a:opera:opera_browser:6.12", "cpe:/a:opera:opera_browser:9.51", "cpe:/a:opera:opera_browser:6.0", "cpe:/a:opera:opera_browser:10.01", "cpe:/a:opera:opera_browser:8.0:beta2", "cpe:/a:opera:opera_browser:7.10", "cpe:/a:opera:opera_browser:7.53", "cpe:/a:opera:opera_browser:11.52.1100", "cpe:/a:opera:opera_browser:4.00:beta2", "cpe:/a:opera:opera_browser:3.60", "cpe:/a:opera:opera_browser:5.10", "cpe:/a:opera:opera_browser:5.12", "cpe:/a:opera:opera_browser:10.53:b", "cpe:/a:opera:opera_browser:7.01", "cpe:/a:opera:opera_browser:10.00:beta3", "cpe:/a:opera:opera_browser:10.62", "cpe:/a:opera:opera_browser:9.02", "cpe:/a:opera:opera_browser:9.22", "cpe:/a:opera:opera_browser:3.10", "cpe:/a:opera:opera_browser:8.52", "cpe:/a:opera:opera_browser:3.61", "cpe:/a:opera:opera_browser:11.66", "cpe:/a:opera:opera_browser:9.10", "cpe:/a:opera:opera_browser:10.53", "cpe:/a:opera:opera_browser:2.10:beta2", "cpe:/a:opera:opera_browser:9.01", "cpe:/a:opera:opera_browser:11.00", "cpe:/a:opera:opera_browser:10.00:alpha", "cpe:/a:opera:opera_browser:8.0:beta3", "cpe:/a:opera:opera_browser:4.00", "cpe:/a:opera:opera_browser:6.05", "cpe:/a:opera:opera_browser:7.02", "cpe:/a:opera:opera_browser:7.11", "cpe:/a:opera:opera_browser:10.53:beta1", "cpe:/a:opera:opera_browser:7.23", "cpe:/a:opera:opera_browser:12.10:beta"], "modified": "2013-01-02T13:15:13", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-6463", "id": "CVE-2012-6463", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2017-11-09T12:22:40", "references": ["http://www.opera.com/docs/changelogs/unified/1210/", "http://www.opera.com/support/kb/view/1035/"], "edition": 3, "description": "Opera before 12.10 does not properly handle incorrect size data in a WebP image, which allows remote attackers to obtain potentially sensitive information from process memory by using a crafted image as the fill pattern for a canvas.", "reporter": "NVD", "published": "2013-01-02T06:46:22", "title": "CVE-2012-6466", "type": "cve", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2012-6466"], "scanner": [], "cpe": ["cpe:/a:opera:opera_browser:9.61", "cpe:/a:opera:opera_browser:4.00:beta3", "cpe:/a:opera:opera_browser:11.10", "cpe:/a:opera:opera_browser:8.53", "cpe:/a:opera:opera_browser:3.21", "cpe:/a:opera:opera_browser:10.60:beta1", "cpe:/a:opera:opera_browser:7.50:beta1", "cpe:/a:opera:opera_browser:5.0:beta4", "cpe:/a:opera:opera_browser:3.62", "cpe:/a:opera:opera_browser:5.0:beta3", "cpe:/a:opera:opera_browser:5.0:beta2", "cpe:/a:opera:opera_browser:7.21", "cpe:/a:opera:opera_browser:4.00:beta6", "cpe:/a:opera:opera_browser:7.50", "cpe:/a:opera:opera_browser:10.60:alpha", "cpe:/a:opera:opera_browser:5.0:beta7", "cpe:/a:opera:opera_browser:11.50", "cpe:/a:opera:opera_browser:11.65", "cpe:/a:opera:opera_browser:9.27", "cpe:/a:opera:opera_browser:7.03", "cpe:/a:opera:opera_browser:5.11", "cpe:/a:opera:opera_browser:7.54:update1", "cpe:/a:opera:opera_browser:11.00:beta", "cpe:/a:opera:opera_browser:8.0", "cpe:/a:opera:opera_browser:3.62:beta", "cpe:/a:opera:opera_browser:1.00", "cpe:/a:opera:opera_browser:8.54", "cpe:/a:opera:opera_browser:12.00", "cpe:/a:opera:opera_browser:7.51", "cpe:/a:opera:opera_browser:10.61", "cpe:/a:opera:opera_browser:9.64", "cpe:/a:opera:opera_browser:7.22", "cpe:/a:opera:opera_browser:8.50", "cpe:/a:opera:opera_browser:6.06", "cpe:/a:opera:opera_browser:5.0:beta6", "cpe:/a:opera:opera_browser:9.0", "cpe:/a:opera:opera_browser:9.20", "cpe:/a:opera:opera_browser:10.52:beta2", "cpe:/a:opera:opera_browser:10.10", "cpe:/a:opera:opera_browser:5.0:beta5", "cpe:/a:opera:opera_browser:9.60:beta1", "cpe:/a:opera:opera_browser:11.50:beta", "cpe:/a:opera:opera_browser:7.20", "cpe:/a:opera:opera_browser:12.01", "cpe:/a:opera:opera_browser:7.0", "cpe:/a:opera:opera_browser:10.63", "cpe:/a:opera:opera_browser:6.1:beta1", "cpe:/a:opera:opera_browser:3.51", "cpe:/a:opera:opera_browser:7.10:beta1", "cpe:/a:opera:opera_browser:2.00", "cpe:/a:opera:opera_browser:3.50", "cpe:/a:opera:opera_browser:9.26", "cpe:/a:opera:opera_browser:9.50:beta2", "cpe:/a:opera:opera_browser:10.54", "cpe:/a:opera:opera_browser:2.10", "cpe:/a:opera:opera_browser:10.52", "cpe:/a:opera:opera_browser:2.12", "cpe:/a:opera:opera_browser:4.02", "cpe:/a:opera:opera_browser:6.0:tp2", "cpe:/a:opera:opera_browser:10.11", "cpe:/a:opera:opera_browser:9.63", "cpe:/a:opera:opera_browser:4.00:beta4", "cpe:/a:opera:opera_browser:6.11", "cpe:/a:opera:opera_browser:11.60:beta", "cpe:/a:opera:opera_browser:8.0:beta1", "cpe:/a:opera:opera_browser:9.0:beta1", "cpe:/a:opera:opera_browser:10.60", "cpe:/a:opera:opera_browser:9.23", "cpe:/a:opera:opera_browser:11.10:beta", "cpe:/a:opera:opera_browser:12.02", "cpe:/a:opera:opera_browser:4.00:beta5", "cpe:/a:opera:opera_browser:8.02", "cpe:/a:opera:opera_browser:6.02", "cpe:/a:opera:opera_browser:10.50:beta2", "cpe:/a:opera:opera_browser:7.54:update2", "cpe:/a:opera:opera_browser:10.50:beta1", "cpe:/a:opera:opera_browser:5.0:beta8", "cpe:/a:opera:opera_browser:5.02", "cpe:/a:opera:opera_browser:11.51", "cpe:/a:opera:opera_browser:10.52:beta1", "cpe:/a:opera:opera_browser:7.0:beta2", "cpe:/a:opera:opera_browser:10.00", "cpe:/a:opera:opera_browser:6.0:beta1", "cpe:/a:opera:opera_browser:5.0", "cpe:/a:opera:opera_browser:8.51", "cpe:/a:opera:opera_browser:7.0:beta1_v2", "cpe:/a:opera:opera_browser:8.01", "cpe:/a:opera:opera_browser:9.25", "cpe:/a:opera:opera_browser:6.04", "cpe:/a:opera:opera_browser:6.0:beta3", "cpe:/a:opera:opera_browser:9.50", "cpe:/a:opera:opera_browser:4.01", "cpe:/a:opera:opera_browser:12.00:beta", "cpe:/a:opera:opera_browser:2.10:beta1", "cpe:/a:opera:opera_browser:6.0:tp1", "cpe:/a:opera:opera_browser:11.60", "cpe:/a:opera:opera_browser:9.60", "cpe:/a:opera:opera_browser:9.20:beta1", "cpe:/a:opera:opera_browser:10.10:beta1", "cpe:/a:opera:opera_browser:3.00:beta", "cpe:/a:opera:opera_browser:10.00:beta1", "cpe:/a:opera:opera_browser:11.64", "cpe:/a:opera:opera_browser:6.01", "cpe:/a:opera:opera_browser:9.21", "cpe:/a:opera:opera_browser:10.51", "cpe:/a:opera:opera_browser:11.52", "cpe:/a:opera:opera_browser:11.61", "cpe:/a:opera:opera_browser:7.0:beta1", "cpe:/a:opera:opera_browser:6.0:tp3", "cpe:/a:opera:opera_browser:11.62", "cpe:/a:opera:opera_browser:6.03", "cpe:/a:opera:opera_browser:9.50:beta1", "cpe:/a:opera:opera_browser:7.20:beta7", "cpe:/a:opera:opera_browser:3.00", "cpe:/a:opera:opera_browser:9.52", "cpe:/a:opera:opera_browser:10.50", "cpe:/a:opera:opera_browser:9.12", "cpe:/a:opera:opera_browser:9.24", "cpe:/a:opera:opera_browser:2.10:beta3", "cpe:/a:opera:opera_browser:7.52", "cpe:/a:opera:opera_browser:10.20:alpha", "cpe:/a:opera:opera_browser:11.11", "cpe:/a:opera:opera_browser:11.01", "cpe:/a:opera:opera_browser:9.0:beta2", "cpe:/a:opera:opera_browser:7.11:beta2", "cpe:/a:opera:opera_browser:6.0:beta2", "cpe:/a:opera:opera_browser:10.00:beta2", "cpe:/a:opera:opera_browser:7.54", "cpe:/a:opera:opera_browser:7.60", "cpe:/a:opera:opera_browser:9.62", "cpe:/a:opera:opera_browser:6.12", "cpe:/a:opera:opera_browser:9.51", "cpe:/a:opera:opera_browser:6.0", "cpe:/a:opera:opera_browser:10.01", "cpe:/a:opera:opera_browser:8.0:beta2", "cpe:/a:opera:opera_browser:7.10", "cpe:/a:opera:opera_browser:7.53", "cpe:/a:opera:opera_browser:11.52.1100", "cpe:/a:opera:opera_browser:4.00:beta2", "cpe:/a:opera:opera_browser:3.60", "cpe:/a:opera:opera_browser:5.10", "cpe:/a:opera:opera_browser:5.12", "cpe:/a:opera:opera_browser:10.53:b", "cpe:/a:opera:opera_browser:7.01", "cpe:/a:opera:opera_browser:10.00:beta3", "cpe:/a:opera:opera_browser:10.62", "cpe:/a:opera:opera_browser:9.02", "cpe:/a:opera:opera_browser:9.22", "cpe:/a:opera:opera_browser:3.10", "cpe:/a:opera:opera_browser:8.52", "cpe:/a:opera:opera_browser:3.61", "cpe:/a:opera:opera_browser:11.66", "cpe:/a:opera:opera_browser:9.10", "cpe:/a:opera:opera_browser:10.53", "cpe:/a:opera:opera_browser:2.10:beta2", "cpe:/a:opera:opera_browser:9.01", "cpe:/a:opera:opera_browser:11.00", "cpe:/a:opera:opera_browser:10.00:alpha", "cpe:/a:opera:opera_browser:8.0:beta3", "cpe:/a:opera:opera_browser:4.00", "cpe:/a:opera:opera_browser:6.05", "cpe:/a:opera:opera_browser:7.02", "cpe:/a:opera:opera_browser:7.11", "cpe:/a:opera:opera_browser:10.53:beta1", "cpe:/a:opera:opera_browser:7.23", "cpe:/a:opera:opera_browser:12.10:beta"], "modified": "2013-01-02T13:27:58", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-6466", "id": "CVE-2012-6466", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}, {"lastseen": "2017-11-09T12:22:40", "references": ["http://www.opera.com/docs/changelogs/unified/1210/", "http://www.opera.com/support/kb/view/1032/"], "edition": 3, "description": "Cross-site scripting (XSS) vulnerability in Opera before 12.10 allows remote attackers to inject arbitrary web script or HTML via crafted JavaScript code that overrides methods of unspecified native objects in documents that have different origins.", "reporter": "NVD", "published": "2013-01-02T06:46:22", "title": "CVE-2012-6464", "type": "cve", "enchantments": {"score": {"vector": "NONE", "value": 4.3}}, "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2012-6464"], "scanner": [], "cpe": ["cpe:/a:opera:opera_browser:9.61", "cpe:/a:opera:opera_browser:4.00:beta3", "cpe:/a:opera:opera_browser:11.10", "cpe:/a:opera:opera_browser:8.53", "cpe:/a:opera:opera_browser:3.21", "cpe:/a:opera:opera_browser:10.60:beta1", "cpe:/a:opera:opera_browser:7.50:beta1", "cpe:/a:opera:opera_browser:5.0:beta4", "cpe:/a:opera:opera_browser:3.62", "cpe:/a:opera:opera_browser:5.0:beta3", "cpe:/a:opera:opera_browser:5.0:beta2", "cpe:/a:opera:opera_browser:7.21", "cpe:/a:opera:opera_browser:4.00:beta6", "cpe:/a:opera:opera_browser:7.50", "cpe:/a:opera:opera_browser:10.60:alpha", "cpe:/a:opera:opera_browser:5.0:beta7", "cpe:/a:opera:opera_browser:11.50", "cpe:/a:opera:opera_browser:11.65", "cpe:/a:opera:opera_browser:9.27", "cpe:/a:opera:opera_browser:7.03", "cpe:/a:opera:opera_browser:5.11", "cpe:/a:opera:opera_browser:7.54:update1", "cpe:/a:opera:opera_browser:11.00:beta", "cpe:/a:opera:opera_browser:8.0", "cpe:/a:opera:opera_browser:3.62:beta", "cpe:/a:opera:opera_browser:1.00", "cpe:/a:opera:opera_browser:8.54", "cpe:/a:opera:opera_browser:12.00", "cpe:/a:opera:opera_browser:7.51", "cpe:/a:opera:opera_browser:10.61", "cpe:/a:opera:opera_browser:9.64", "cpe:/a:opera:opera_browser:7.22", "cpe:/a:opera:opera_browser:8.50", "cpe:/a:opera:opera_browser:6.06", "cpe:/a:opera:opera_browser:5.0:beta6", "cpe:/a:opera:opera_browser:9.0", "cpe:/a:opera:opera_browser:9.20", "cpe:/a:opera:opera_browser:10.52:beta2", "cpe:/a:opera:opera_browser:10.10", "cpe:/a:opera:opera_browser:5.0:beta5", "cpe:/a:opera:opera_browser:9.60:beta1", "cpe:/a:opera:opera_browser:11.50:beta", "cpe:/a:opera:opera_browser:7.20", "cpe:/a:opera:opera_browser:12.01", "cpe:/a:opera:opera_browser:7.0", "cpe:/a:opera:opera_browser:10.63", "cpe:/a:opera:opera_browser:6.1:beta1", "cpe:/a:opera:opera_browser:3.51", "cpe:/a:opera:opera_browser:7.10:beta1", "cpe:/a:opera:opera_browser:2.00", "cpe:/a:opera:opera_browser:3.50", "cpe:/a:opera:opera_browser:9.26", "cpe:/a:opera:opera_browser:9.50:beta2", "cpe:/a:opera:opera_browser:10.54", "cpe:/a:opera:opera_browser:2.10", "cpe:/a:opera:opera_browser:10.52", "cpe:/a:opera:opera_browser:2.12", "cpe:/a:opera:opera_browser:4.02", "cpe:/a:opera:opera_browser:6.0:tp2", "cpe:/a:opera:opera_browser:10.11", "cpe:/a:opera:opera_browser:9.63", "cpe:/a:opera:opera_browser:4.00:beta4", "cpe:/a:opera:opera_browser:6.11", "cpe:/a:opera:opera_browser:11.60:beta", "cpe:/a:opera:opera_browser:8.0:beta1", "cpe:/a:opera:opera_browser:9.0:beta1", "cpe:/a:opera:opera_browser:10.60", "cpe:/a:opera:opera_browser:9.23", "cpe:/a:opera:opera_browser:11.10:beta", "cpe:/a:opera:opera_browser:12.02", "cpe:/a:opera:opera_browser:4.00:beta5", "cpe:/a:opera:opera_browser:8.02", "cpe:/a:opera:opera_browser:6.02", "cpe:/a:opera:opera_browser:10.50:beta2", "cpe:/a:opera:opera_browser:7.54:update2", "cpe:/a:opera:opera_browser:10.50:beta1", "cpe:/a:opera:opera_browser:5.0:beta8", "cpe:/a:opera:opera_browser:5.02", "cpe:/a:opera:opera_browser:11.51", "cpe:/a:opera:opera_browser:10.52:beta1", "cpe:/a:opera:opera_browser:7.0:beta2", "cpe:/a:opera:opera_browser:10.00", "cpe:/a:opera:opera_browser:6.0:beta1", "cpe:/a:opera:opera_browser:5.0", "cpe:/a:opera:opera_browser:8.51", "cpe:/a:opera:opera_browser:7.0:beta1_v2", "cpe:/a:opera:opera_browser:8.01", "cpe:/a:opera:opera_browser:9.25", "cpe:/a:opera:opera_browser:6.04", "cpe:/a:opera:opera_browser:6.0:beta3", "cpe:/a:opera:opera_browser:9.50", "cpe:/a:opera:opera_browser:4.01", "cpe:/a:opera:opera_browser:12.00:beta", "cpe:/a:opera:opera_browser:2.10:beta1", "cpe:/a:opera:opera_browser:6.0:tp1", "cpe:/a:opera:opera_browser:11.60", "cpe:/a:opera:opera_browser:9.60", "cpe:/a:opera:opera_browser:9.20:beta1", "cpe:/a:opera:opera_browser:10.10:beta1", "cpe:/a:opera:opera_browser:3.00:beta", "cpe:/a:opera:opera_browser:10.00:beta1", "cpe:/a:opera:opera_browser:11.64", "cpe:/a:opera:opera_browser:6.01", "cpe:/a:opera:opera_browser:9.21", "cpe:/a:opera:opera_browser:10.51", "cpe:/a:opera:opera_browser:11.52", "cpe:/a:opera:opera_browser:11.61", "cpe:/a:opera:opera_browser:7.0:beta1", "cpe:/a:opera:opera_browser:6.0:tp3", "cpe:/a:opera:opera_browser:11.62", "cpe:/a:opera:opera_browser:6.03", "cpe:/a:opera:opera_browser:9.50:beta1", "cpe:/a:opera:opera_browser:7.20:beta7", "cpe:/a:opera:opera_browser:3.00", "cpe:/a:opera:opera_browser:9.52", "cpe:/a:opera:opera_browser:10.50", "cpe:/a:opera:opera_browser:9.12", "cpe:/a:opera:opera_browser:9.24", "cpe:/a:opera:opera_browser:2.10:beta3", "cpe:/a:opera:opera_browser:7.52", "cpe:/a:opera:opera_browser:10.20:alpha", "cpe:/a:opera:opera_browser:11.11", "cpe:/a:opera:opera_browser:11.01", "cpe:/a:opera:opera_browser:9.0:beta2", "cpe:/a:opera:opera_browser:7.11:beta2", "cpe:/a:opera:opera_browser:6.0:beta2", "cpe:/a:opera:opera_browser:10.00:beta2", "cpe:/a:opera:opera_browser:7.54", "cpe:/a:opera:opera_browser:7.60", "cpe:/a:opera:opera_browser:9.62", "cpe:/a:opera:opera_browser:6.12", "cpe:/a:opera:opera_browser:9.51", "cpe:/a:opera:opera_browser:6.0", "cpe:/a:opera:opera_browser:10.01", "cpe:/a:opera:opera_browser:8.0:beta2", "cpe:/a:opera:opera_browser:7.10", "cpe:/a:opera:opera_browser:7.53", "cpe:/a:opera:opera_browser:11.52.1100", "cpe:/a:opera:opera_browser:4.00:beta2", "cpe:/a:opera:opera_browser:3.60", "cpe:/a:opera:opera_browser:5.10", "cpe:/a:opera:opera_browser:5.12", "cpe:/a:opera:opera_browser:10.53:b", "cpe:/a:opera:opera_browser:7.01", "cpe:/a:opera:opera_browser:10.00:beta3", "cpe:/a:opera:opera_browser:10.62", "cpe:/a:opera:opera_browser:9.02", "cpe:/a:opera:opera_browser:9.22", "cpe:/a:opera:opera_browser:3.10", "cpe:/a:opera:opera_browser:8.52", "cpe:/a:opera:opera_browser:3.61", "cpe:/a:opera:opera_browser:11.66", "cpe:/a:opera:opera_browser:9.10", "cpe:/a:opera:opera_browser:10.53", "cpe:/a:opera:opera_browser:2.10:beta2", "cpe:/a:opera:opera_browser:9.01", "cpe:/a:opera:opera_browser:11.00", "cpe:/a:opera:opera_browser:10.00:alpha", "cpe:/a:opera:opera_browser:8.0:beta3", "cpe:/a:opera:opera_browser:4.00", "cpe:/a:opera:opera_browser:6.05", "cpe:/a:opera:opera_browser:7.02", "cpe:/a:opera:opera_browser:7.11", "cpe:/a:opera:opera_browser:10.53:beta1", "cpe:/a:opera:opera_browser:7.23", "cpe:/a:opera:opera_browser:12.10:beta"], "modified": "2013-01-02T00:00:00", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-6464", "id": "CVE-2012-6464", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}, {"lastseen": "2017-11-09T12:22:40", "references": ["http://www.opera.com/docs/changelogs/unified/1210/", "http://www.opera.com/support/kb/view/1030/"], "edition": 3, "description": "Opera before 12.10 does not properly implement the Cross-Origin Resource Sharing (CORS) specification, which allows remote attackers to bypass intended page-content restrictions via a crafted request.", "reporter": "NVD", "published": "2013-01-02T06:46:22", "title": "CVE-2012-6462", "type": "cve", "enchantments": {"score": {"vector": "NONE", "value": 5.0}}, "assessment": {"system": "", "name": "", "href": ""}, "bulletinFamily": "NVD", "cvelist": ["CVE-2012-6462"], "scanner": [], "cpe": ["cpe:/a:opera:opera_browser:9.61", "cpe:/a:opera:opera_browser:4.00:beta3", "cpe:/a:opera:opera_browser:11.10", "cpe:/a:opera:opera_browser:8.53", "cpe:/a:opera:opera_browser:3.21", "cpe:/a:opera:opera_browser:10.60:beta1", "cpe:/a:opera:opera_browser:7.50:beta1", "cpe:/a:opera:opera_browser:5.0:beta4", "cpe:/a:opera:opera_browser:3.62", "cpe:/a:opera:opera_browser:5.0:beta3", "cpe:/a:opera:opera_browser:5.0:beta2", "cpe:/a:opera:opera_browser:7.21", "cpe:/a:opera:opera_browser:4.00:beta6", "cpe:/a:opera:opera_browser:7.50", "cpe:/a:opera:opera_browser:10.60:alpha", "cpe:/a:opera:opera_browser:5.0:beta7", "cpe:/a:opera:opera_browser:11.50", "cpe:/a:opera:opera_browser:11.65", "cpe:/a:opera:opera_browser:9.27", "cpe:/a:opera:opera_browser:7.03", "cpe:/a:opera:opera_browser:5.11", "cpe:/a:opera:opera_browser:7.54:update1", "cpe:/a:opera:opera_browser:11.00:beta", "cpe:/a:opera:opera_browser:8.0", "cpe:/a:opera:opera_browser:3.62:beta", "cpe:/a:opera:opera_browser:1.00", "cpe:/a:opera:opera_browser:8.54", "cpe:/a:opera:opera_browser:12.00", "cpe:/a:opera:opera_browser:7.51", "cpe:/a:opera:opera_browser:10.61", "cpe:/a:opera:opera_browser:9.64", "cpe:/a:opera:opera_browser:7.22", "cpe:/a:opera:opera_browser:8.50", "cpe:/a:opera:opera_browser:6.06", "cpe:/a:opera:opera_browser:5.0:beta6", "cpe:/a:opera:opera_browser:9.0", "cpe:/a:opera:opera_browser:9.20", "cpe:/a:opera:opera_browser:10.52:beta2", "cpe:/a:opera:opera_browser:10.10", "cpe:/a:opera:opera_browser:5.0:beta5", "cpe:/a:opera:opera_browser:9.60:beta1", "cpe:/a:opera:opera_browser:11.50:beta", "cpe:/a:opera:opera_browser:7.20", "cpe:/a:opera:opera_browser:12.01", "cpe:/a:opera:opera_browser:7.0", "cpe:/a:opera:opera_browser:10.63", "cpe:/a:opera:opera_browser:6.1:beta1", "cpe:/a:opera:opera_browser:3.51", "cpe:/a:opera:opera_browser:7.10:beta1", "cpe:/a:opera:opera_browser:2.00", "cpe:/a:opera:opera_browser:3.50", "cpe:/a:opera:opera_browser:9.26", "cpe:/a:opera:opera_browser:9.50:beta2", "cpe:/a:opera:opera_browser:10.54", "cpe:/a:opera:opera_browser:2.10", "cpe:/a:opera:opera_browser:10.52", "cpe:/a:opera:opera_browser:2.12", "cpe:/a:opera:opera_browser:4.02", "cpe:/a:opera:opera_browser:6.0:tp2", "cpe:/a:opera:opera_browser:10.11", "cpe:/a:opera:opera_browser:9.63", "cpe:/a:opera:opera_browser:4.00:beta4", "cpe:/a:opera:opera_browser:6.11", "cpe:/a:opera:opera_browser:11.60:beta", "cpe:/a:opera:opera_browser:8.0:beta1", "cpe:/a:opera:opera_browser:9.0:beta1", "cpe:/a:opera:opera_browser:10.60", "cpe:/a:opera:opera_browser:9.23", "cpe:/a:opera:opera_browser:11.10:beta", "cpe:/a:opera:opera_browser:12.02", "cpe:/a:opera:opera_browser:4.00:beta5", "cpe:/a:opera:opera_browser:8.02", "cpe:/a:opera:opera_browser:6.02", "cpe:/a:opera:opera_browser:10.50:beta2", "cpe:/a:opera:opera_browser:7.54:update2", "cpe:/a:opera:opera_browser:10.50:beta1", "cpe:/a:opera:opera_browser:5.0:beta8", "cpe:/a:opera:opera_browser:5.02", "cpe:/a:opera:opera_browser:11.51", "cpe:/a:opera:opera_browser:10.52:beta1", "cpe:/a:opera:opera_browser:7.0:beta2", "cpe:/a:opera:opera_browser:10.00", "cpe:/a:opera:opera_browser:6.0:beta1", "cpe:/a:opera:opera_browser:5.0", "cpe:/a:opera:opera_browser:8.51", "cpe:/a:opera:opera_browser:7.0:beta1_v2", "cpe:/a:opera:opera_browser:8.01", "cpe:/a:opera:opera_browser:9.25", "cpe:/a:opera:opera_browser:6.04", "cpe:/a:opera:opera_browser:6.0:beta3", "cpe:/a:opera:opera_browser:9.50", "cpe:/a:opera:opera_browser:4.01", "cpe:/a:opera:opera_browser:12.00:beta", "cpe:/a:opera:opera_browser:2.10:beta1", "cpe:/a:opera:opera_browser:6.0:tp1", "cpe:/a:opera:opera_browser:11.60", "cpe:/a:opera:opera_browser:9.60", "cpe:/a:opera:opera_browser:9.20:beta1", "cpe:/a:opera:opera_browser:10.10:beta1", "cpe:/a:opera:opera_browser:3.00:beta", "cpe:/a:opera:opera_browser:10.00:beta1", "cpe:/a:opera:opera_browser:11.64", "cpe:/a:opera:opera_browser:6.01", "cpe:/a:opera:opera_browser:9.21", "cpe:/a:opera:opera_browser:10.51", "cpe:/a:opera:opera_browser:11.52", "cpe:/a:opera:opera_browser:11.61", "cpe:/a:opera:opera_browser:7.0:beta1", "cpe:/a:opera:opera_browser:6.0:tp3", "cpe:/a:opera:opera_browser:11.62", "cpe:/a:opera:opera_browser:6.03", "cpe:/a:opera:opera_browser:9.50:beta1", "cpe:/a:opera:opera_browser:7.20:beta7", "cpe:/a:opera:opera_browser:3.00", "cpe:/a:opera:opera_browser:9.52", "cpe:/a:opera:opera_browser:10.50", "cpe:/a:opera:opera_browser:9.12", "cpe:/a:opera:opera_browser:9.24", "cpe:/a:opera:opera_browser:2.10:beta3", "cpe:/a:opera:opera_browser:7.52", "cpe:/a:opera:opera_browser:10.20:alpha", "cpe:/a:opera:opera_browser:11.11", "cpe:/a:opera:opera_browser:11.01", "cpe:/a:opera:opera_browser:9.0:beta2", "cpe:/a:opera:opera_browser:7.11:beta2", "cpe:/a:opera:opera_browser:6.0:beta2", "cpe:/a:opera:opera_browser:10.00:beta2", "cpe:/a:opera:opera_browser:7.54", "cpe:/a:opera:opera_browser:7.60", "cpe:/a:opera:opera_browser:9.62", "cpe:/a:opera:opera_browser:6.12", "cpe:/a:opera:opera_browser:9.51", "cpe:/a:opera:opera_browser:6.0", "cpe:/a:opera:opera_browser:10.01", "cpe:/a:opera:opera_browser:8.0:beta2", "cpe:/a:opera:opera_browser:7.10", "cpe:/a:opera:opera_browser:7.53", "cpe:/a:opera:opera_browser:11.52.1100", "cpe:/a:opera:opera_browser:4.00:beta2", "cpe:/a:opera:opera_browser:3.60", "cpe:/a:opera:opera_browser:5.10", "cpe:/a:opera:opera_browser:5.12", "cpe:/a:opera:opera_browser:10.53:b", "cpe:/a:opera:opera_browser:7.01", "cpe:/a:opera:opera_browser:10.00:beta3", "cpe:/a:opera:opera_browser:10.62", "cpe:/a:opera:opera_browser:9.02", "cpe:/a:opera:opera_browser:9.22", "cpe:/a:opera:opera_browser:3.10", "cpe:/a:opera:opera_browser:8.52", "cpe:/a:opera:opera_browser:3.61", "cpe:/a:opera:opera_browser:11.66", "cpe:/a:opera:opera_browser:9.10", "cpe:/a:opera:opera_browser:10.53", "cpe:/a:opera:opera_browser:2.10:beta2", "cpe:/a:opera:opera_browser:9.01", "cpe:/a:opera:opera_browser:11.00", "cpe:/a:opera:opera_browser:10.00:alpha", "cpe:/a:opera:opera_browser:8.0:beta3", "cpe:/a:opera:opera_browser:4.00", "cpe:/a:opera:opera_browser:6.05", "cpe:/a:opera:opera_browser:7.02", "cpe:/a:opera:opera_browser:7.11", "cpe:/a:opera:opera_browser:10.53:beta1", "cpe:/a:opera:opera_browser:7.23", "cpe:/a:opera:opera_browser:12.10:beta"], "modified": "2013-01-02T00:00:00", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-6462", "id": "CVE-2012-6462", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:00", "references": ["http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6465", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1638", "https://bugs.gentoo.org/show_bug.cgi?id=442044", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1639", "https://bugs.gentoo.org/show_bug.cgi?id=454654", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1618", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6472", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6464", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6469", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-1637", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6461", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6463", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6468", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6466", "https://bugs.gentoo.org/show_bug.cgi?id=444040", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6462", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6471", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6470", "http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6467", "https://bugs.gentoo.org/show_bug.cgi?id=446096"], "affectedPackage": [{"OS": "Gentoo", "OSVersion": "any", "packageVersion": "12.13_p1734", "packageName": "www-client/opera", "packageFilename": "UNKNOWN", "arch": "all", "operator": "lt"}], "description": "### Background\n\nOpera is a fast web browser that is available free of charge.\n\n### Description\n\nMultiple vulnerabilities have been discovered in Opera. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nA remote attacker could entice a user to open a specially crafted web page using Opera, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition. Furthermore, a remote attacker may be able to obtain sensitive information, conduct Cross-Site Scripting (XSS) attacks, or bypass security restrictions. \n\nA local attacker may be able to obtain sensitive information.\n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll Opera users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=www-client/opera-12.13_p1734\"", "edition": 1, "reporter": "Gentoo Foundation", "published": "2014-06-15T00:00:00", "enchantments": {"score": {"vector": "NONE", "value": 6.8}}, "type": "gentoo", "title": "Opera: Multiple vulnerabilities", "bulletinFamily": "unix", "cvelist": ["CVE-2012-6472", "CVE-2013-1638", "CVE-2012-6470", "CVE-2012-6468", "CVE-2012-6469", "CVE-2012-6463", "CVE-2013-1639", "CVE-2012-6471", "CVE-2012-6466", "CVE-2013-1618", "CVE-2012-6462", "CVE-2012-6467", "CVE-2013-1637", "CVE-2012-6461", "CVE-2012-6464", "CVE-2012-6465"], "modified": "2014-06-15T00:00:00", "id": "GLSA-201406-14", "href": "https://security.gentoo.org/glsa/201406-14", "cvss": {"score": 9.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}
