CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:M/Au:N/C:N/I:N/A:P
EPSS
Percentile
84.5%
The remote host is running the Opera web browser.
Versions of Opera earlier than 12.01 are potentially affected by multiple vulnerabilities :
An error exists in the handling of certain URLs that can lead to memory corruption and possible code execution. (1016)
Errors exist in the handling of DOM elements and certain HTML characters that can lead to cross-site scripting. (1025, 1026)
Download dialog boxes can be made small enough that users may not realize they are accepting a download and further, executing such a download. (1027)
An attacker could cause an application crash by tricking a user into connecting to a malicious site, as demonstrated by the Lenovo ‘Shop Now’ page. (CVE-2012-4146)
Binary data 800853.prm
.opera.com/docs/changelogs/windows/1201
.opera.com/support/kb/view/1016
.opera.com/support/kb/view/1025
.opera.com/support/kb/view/1026
.opera.com/support/kb/view/1027
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3561
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4142
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4143
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4144
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4145
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4146