CVE-2012-6472

CWE-2643 documents3 sources

Severity

4.6MEDIUM

EPSS

0.0%

top 87.66%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Opera Opera Browser

Timeline

PublishedJan 2

Latest updateMay 17

Description

Opera before 12.12 on UNIX uses weak permissions for the profile directory, which allows local users to obtain sensitive information by reading a (1) cache file, (2) password file, or (3) configuration file, or (4) possibly gain privileges by modifying or overwriting a configuration file.

CVSS vector

AV:L/AC:L/C:P/I:P/A:PExploitability: 3.9 | Impact: 6.4

Affected Packages1 packages

▶NVDopera/opera_browser12.11+107

🔴Vulnerability Details

GHSA

GHSA-6x3c-5mcv-wg4m: Opera before 12↗2022-05-17

▶

CVEList

CVE-2012-6472: Opera before 12↗2013-01-02

▶