CVE-2012-6470

Opera < 12.12 - Remote Code Execution via Malformed GIF Image

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2012-6470. PoCs published by coolkaveh.

AI-analyzed exploit summary This exploit demonstrates a heap corruption vulnerability in Opera Web Browser 12.11 during the handling of GIF files, leading to a write access violation. The PoC triggers an exploitable crash, potentially allowing arbitrary code execution.

Description

Opera before 12.12 does not properly allocate memory for GIF images, which allows remote attackers to execute arbitrary code or cause a denial of service (memory overwrite) via a malformed image.

Exploits (1)

exploitdb WORKING POC VERIFIED
by coolkaveh · textdoswindows
https://www.exploit-db.com/exploits/23107

This exploit demonstrates a heap corruption vulnerability in Opera Web Browser 12.11 during the handling of GIF files, leading to a write access violation. The PoC triggers an exploitable crash, potentially allowing arbitrary code execution.

Classification
Working Poc 90%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Opera Web Browser 12.11 Build 1661 and 12.12
No auth needed
Prerequisites: Victim must open a malicious GIF file in Opera Browser
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2
Core References
Vendor Advisory x_refsource_confirm
http://www.opera.com/support/kb/view/1038/
Vendor Advisory x_refsource_confirm
http://www.opera.com/docs/changelogs/unified/1212/

Scores

EPSS 0.0779
EPSS Percentile 93.9%

Details

CWE
CWE-119
Status published
Products (26)
opera/opera_browser 1.00
opera/opera_browser 2.00
opera/opera_browser 2.10 (4 CPE variants)
opera/opera_browser 2.12
opera/opera_browser 3.00 (2 CPE variants)
opera/opera_browser 3.10
opera/opera_browser 3.21
opera/opera_browser 3.50
opera/opera_browser 3.51
opera/opera_browser 3.60
... and 16 more
Published Jan 02, 2013
Tracked Since Feb 18, 2026