CVE-2012-1926

Opera before 11.62 allows remote attackers to bypass the Same Origin Policy via the (1) history.pushState and (2) history.replaceState functions in conjunction with cross-domain frames, leading to unintended read access to history.state information.

CVE-2012-1924

Opera before 11.62 allows user-assisted remote attackers to trick users into downloading and executing arbitrary files via a small window for the download dialog.

CVE-2012-1925

Opera before 11.62 does not ensure that a dialog window is placed on top of content windows, which makes it easier for user-assisted remote attackers to trick users into downloading and executing arbitrary files via a download dialog located under other windows.

CVE-2012-1928

Opera before 11.62 allows remote attackers to spoof the address field by triggering a page reload followed by a redirect to a different domain.

CVE-2012-1927

Opera before 11.62 allows remote attackers to spoof the address field by triggering the launch of a dialog window associated with a different domain.

CVE-2012-1929

Opera before 11.62 on Mac OS X allows remote attackers to spoof the address field and security dialogs via crafted styling that causes page content to be displayed outside of the intended content area.

CVE-2012-1930

Opera before 11.62 on UNIX uses world-readable permissions for temporary files during printing, which allows local users to obtain sensitive information by reading these files.

CVE-2012-1931

Opera before 11.62 on UNIX, when used in conjunction with an unspecified printing application, allows local users to overwrite arbitrary files via a symlink attack on a temporary file during printing.