CVE-2012-1251

Opera < 9.63 - Man-in-the-Middle Attack via Improper X.509 Certificate Verification

Title source: llm
STIX 2.1

Description

Opera before 9.63 does not properly verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

References (5)

Core 5
Core References
Vendor Advisory x_refsource_misc
http://www.opera.com/docs/changelogs/mac/963/
Vendor Advisory x_refsource_misc
http://www.opera.com/docs/changelogs/windows/963/
Vendor Advisory x_refsource_misc
http://www.opera.com/docs/changelogs/unix/963/
Third Party Advisory third-party-advisory x_refsource_jvn
http://jvn.jp/en/jp/JVN39707339/index.html
Third Party Advisory third-party-advisory x_refsource_jvndb
http://jvndb.jvn.jp/jvndb/JVNDB-2012-000049

Scores

EPSS 0.0020
EPSS Percentile 41.5%

Details

CWE
CWE-310
Status published
Products (27)
opera/opera_browser 1.00
opera/opera_browser 2.00
opera/opera_browser 2.10 (4 CPE variants)
opera/opera_browser 2.12
opera/opera_browser 3.00 (2 CPE variants)
opera/opera_browser 3.10
opera/opera_browser 3.21
opera/opera_browser 3.50
opera/opera_browser 3.51
opera/opera_browser 3.60
... and 17 more
Published Jun 04, 2012
Tracked Since Feb 18, 2026