6.8

CVE-2012-4143

Opera before 12.01 on Windows and UNIX, and before 11.66 and 12.x before 12.01 on Mac OS X, allows user-assisted remote attackers to trick users into downloading and executing arbitrary files via a small window for the download dialog, a different vulnerability than CVE-2012-1924.

Data is provided by the National Vulnerability Database (NVD)
OperaOpera Browser Version <= 12.00
   LinuxLinux Kernel
   MicrosoftWindows
OperaOpera Browser Version12.00 Updatebeta
   LinuxLinux Kernel
   MicrosoftWindows
OperaOpera Browser Version <= 11.65
   ApplemacOS X
OperaOpera Browser Version10.00
   ApplemacOS X
OperaOpera Browser Version10.00 Updatebeta1
   ApplemacOS X
OperaOpera Browser Version10.00 Updatebeta2
   ApplemacOS X
OperaOpera Browser Version10.00 Updatebeta3
   ApplemacOS X
OperaOpera Browser Version10.01
   ApplemacOS X
OperaOpera Browser Version10.10
   ApplemacOS X
OperaOpera Browser Version10.10 Updatebeta1
   ApplemacOS X
OperaOpera Browser Version10.11
   ApplemacOS X
OperaOpera Browser Version10.50
   ApplemacOS X
OperaOpera Browser Version10.50 Updatebeta1
   ApplemacOS X
OperaOpera Browser Version10.50 Updatebeta2
   ApplemacOS X
OperaOpera Browser Version10.51
   ApplemacOS X
OperaOpera Browser Version10.52
   ApplemacOS X
OperaOpera Browser Version10.52 Updatebeta1
   ApplemacOS X
OperaOpera Browser Version10.52 Updatebeta2
   ApplemacOS X
OperaOpera Browser Version10.53
   ApplemacOS X
OperaOpera Browser Version10.53 Updateb
   ApplemacOS X
OperaOpera Browser Version10.53 Updatebeta1
   ApplemacOS X
OperaOpera Browser Version10.54
   ApplemacOS X
OperaOpera Browser Version10.60
   ApplemacOS X
OperaOpera Browser Version10.60 Updatebeta1
   ApplemacOS X
OperaOpera Browser Version10.61
   ApplemacOS X
OperaOpera Browser Version10.62
   ApplemacOS X
OperaOpera Browser Version10.63
   ApplemacOS X
OperaOpera Browser Version11.00
   ApplemacOS X
OperaOpera Browser Version11.00 Updatebeta
   ApplemacOS X
OperaOpera Browser Version11.01
   ApplemacOS X
OperaOpera Browser Version11.10
   ApplemacOS X
OperaOpera Browser Version11.10 Updatebeta
   ApplemacOS X
OperaOpera Browser Version11.11
   ApplemacOS X
OperaOpera Browser Version11.50
   ApplemacOS X
OperaOpera Browser Version11.50 Updatebeta
   ApplemacOS X
OperaOpera Browser Version11.51
   ApplemacOS X
OperaOpera Browser Version11.52
   ApplemacOS X
OperaOpera Browser Version11.52.1100
   ApplemacOS X
OperaOpera Browser Version11.60
   ApplemacOS X
OperaOpera Browser Version11.60 Updatebeta
   ApplemacOS X
OperaOpera Browser Version11.61
   ApplemacOS X
OperaOpera Browser Version11.62
   ApplemacOS X
OperaOpera Browser Version11.64
   ApplemacOS X
OperaOpera Browser Version12.00
   ApplemacOS X
OperaOpera Browser Version12.00 Updatebeta
   ApplemacOS X
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 0.67% 0.689
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 6.8 8.6 6.4
AV:N/AC:M/Au:N/C:P/I:P/A:P
CWE-94 Improper Control of Generation of Code ('Code Injection')

The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.