First published: Mon Aug 06 2012(Updated: )
Opera before 12.01 on Windows and UNIX, and before 11.66 and 12.x before 12.01 on Mac OS X, ignores some characters in HTML documents in unspecified circumstances, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted document.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Opera | <=12.00 | |
Opera | =12.00-beta | |
Linux kernel | ||
Microsoft Windows | ||
Opera | <=11.65 | |
Opera | =10.00 | |
Opera | =10.00-beta1 | |
Opera | =10.00-beta2 | |
Opera | =10.00-beta3 | |
Opera | =10.01 | |
Opera | =10.10 | |
Opera | =10.10-beta1 | |
Opera | =10.11 | |
Opera | =10.50 | |
Opera | =10.50-beta1 | |
Opera | =10.50-beta2 | |
Opera | =10.51 | |
Opera | =10.52 | |
Opera | =10.52-beta1 | |
Opera | =10.52-beta2 | |
Opera | =10.53 | |
Opera | =10.53-b | |
Opera | =10.53-beta1 | |
Opera | =10.54 | |
Opera | =10.60 | |
Opera | =10.60-beta1 | |
Opera | =10.61 | |
Opera | =10.62 | |
Opera | =10.63 | |
Opera | =11.00 | |
Opera | =11.00-beta | |
Opera | =11.01 | |
Opera | =11.10 | |
Opera | =11.10-beta | |
Opera | =11.11 | |
Opera | =11.50 | |
Opera | =11.50-beta | |
Opera | =11.51 | |
Opera | =11.52 | |
Opera | =11.52.1100 | |
Opera | =11.60 | |
Opera | =11.60-beta | |
Opera | =11.61 | |
Opera | =11.62 | |
Opera | =11.64 | |
Opera | =12.00 | |
Apple iOS and macOS |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2012-4142 has been classified with a moderate severity level due to its potential to enable cross-site scripting (XSS) attacks.
To fix CVE-2012-4142, update the Opera browser to version 12.01 or later.
CVE-2012-4142 affects Opera versions before 12.01 on Windows, UNIX, and Mac OS X, including versions up to 11.65.
CVE-2012-4142 is a cross-site scripting (XSS) vulnerability that allows remote attackers to potentially exploit the affected browsers.
No, if you are using an Opera version higher than 12.01, your system is not vulnerable to CVE-2012-4142.