CVE-2012-1251
Severity CVSS v4.0:
Pending analysis
Type:
CWE-310
Cryptographic Issues
Publication date:
04/06/2012
Last modified:
11/04/2025
Description
Opera before 9.63 does not properly verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
Impact
Base Score 2.0
5.80
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:opera:opera_browser:*:*:*:*:*:*:*:* | 9.62 (including) | |
| cpe:2.3:a:opera:opera_browser:1.00:*:*:*:*:*:*:* | ||
| cpe:2.3:a:opera:opera_browser:2.00:*:*:*:*:*:*:* | ||
| cpe:2.3:a:opera:opera_browser:2.10:*:*:*:*:*:*:* | ||
| cpe:2.3:a:opera:opera_browser:2.10:beta1:*:*:*:*:*:* | ||
| cpe:2.3:a:opera:opera_browser:2.10:beta2:*:*:*:*:*:* | ||
| cpe:2.3:a:opera:opera_browser:2.10:beta3:*:*:*:*:*:* | ||
| cpe:2.3:a:opera:opera_browser:2.12:*:*:*:*:*:*:* | ||
| cpe:2.3:a:opera:opera_browser:3.00:*:*:*:*:*:*:* | ||
| cpe:2.3:a:opera:opera_browser:3.00:beta:*:*:*:*:*:* | ||
| cpe:2.3:a:opera:opera_browser:3.10:*:*:*:*:*:*:* | ||
| cpe:2.3:a:opera:opera_browser:3.21:*:*:*:*:*:*:* | ||
| cpe:2.3:a:opera:opera_browser:3.50:*:*:*:*:*:*:* | ||
| cpe:2.3:a:opera:opera_browser:3.51:*:*:*:*:*:*:* | ||
| cpe:2.3:a:opera:opera_browser:3.60:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://jvn.jp/en/jp/JVN39707339/index.html
- http://jvndb.jvn.jp/jvndb/JVNDB-2012-000049
- http://www.opera.com/docs/changelogs/mac/963/
- http://www.opera.com/docs/changelogs/unix/963/
- http://www.opera.com/docs/changelogs/windows/963/
- http://jvn.jp/en/jp/JVN39707339/index.html
- http://jvndb.jvn.jp/jvndb/JVNDB-2012-000049
- http://www.opera.com/docs/changelogs/mac/963/
- http://www.opera.com/docs/changelogs/unix/963/
- http://www.opera.com/docs/changelogs/windows/963/