CVE-2012-6464

Opera < 12.10 - Cross-Site Scripting via Native Object Method Override

Title source: llm
STIX 2.1

Description

Cross-site scripting (XSS) vulnerability in Opera before 12.10 allows remote attackers to inject arbitrary web script or HTML via crafted JavaScript code that overrides methods of unspecified native objects in documents that have different origins.

References (2)

Core 2
Core References
Vendor Advisory x_refsource_confirm
http://www.opera.com/support/kb/view/1032/
Vendor Advisory x_refsource_confirm
http://www.opera.com/docs/changelogs/unified/1210/

Scores

EPSS 0.0026
EPSS Percentile 49.7%

Details

CWE
CWE-79
Status published
Products (26)
opera/opera_browser 1.00
opera/opera_browser 2.00
opera/opera_browser 2.10 (4 CPE variants)
opera/opera_browser 2.12
opera/opera_browser 3.00 (2 CPE variants)
opera/opera_browser 3.10
opera/opera_browser 3.21
opera/opera_browser 3.50
opera/opera_browser 3.51
opera/opera_browser 3.60
... and 16 more
Published Jan 02, 2013
Tracked Since Feb 18, 2026