First published: Fri Feb 08 2013(Updated: )
The TLS implementation in Opera before 12.13 does not properly consider timing side-channel attacks on a MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, a related issue to CVE-2013-0169.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Opera Opera Browser | <=12.12 | |
Opera Opera Browser | =12.00 | |
Opera Opera Browser | =12.00-beta | |
Opera Opera Browser | =12.01 | |
Opera Opera Browser | =12.02 | |
Opera Opera Browser | =12.10 | |
Opera Opera Browser | =12.10-beta | |
Opera Opera Browser | =12.11 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.