Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 433449 - <www-client/opera-12.02.1578: Truncated dialogs may be used to trick users (CVE-2012-6460)
Summary: <www-client/opera-12.02.1578: Truncated dialogs may be used to trick users (C...
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal minor (vote)
Assignee: Gentoo Security
URL:
Whiteboard: B3 [noglsa]
Keywords:
Depends on: 433679
Blocks:
  Show dependency tree
 
Reported: 2012-08-30 16:10 UTC by Jeroen Roovers (RETIRED)
Modified: 2013-01-03 11:29 UTC (History)
0 users

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Jeroen Roovers (RETIRED) gentoo-dev 2012-08-30 16:10:24 UTC 
Fixed an issue where truncated dialogs may be used to trick users; see our advisory[1]


[1] http://www.opera.com/support/kb/view/1028/
Comment 1 Jeroen Roovers (RETIRED) gentoo-dev 2012-08-30 16:26:16 UTC 
Arch teams, please test and mark stable:
=www-client/opera-12.02.1578
Stable KEYWORDS : amd64 x86
Comment 2 Tim Sammut (RETIRED) gentoo-dev 2012-08-31 19:06:00 UTC 
Thanks, Jeroen.
Comment 3 Agostino Sarubbo gentoo-dev 2012-09-02 18:03:00 UTC 
amd64 stable
Comment 4 Johannes Huber (RETIRED) gentoo-dev 2012-09-12 13:46:29 UTC 
x86 stable. Last arch.
Comment 5 Tim Sammut (RETIRED) gentoo-dev 2012-09-13 02:41:44 UTC 
Thanks folks. GLSA Vote: no.
Comment 6 Sean Amoss (RETIRED) gentoo-dev Security 2012-09-19 10:42:15 UTC 
GLSA vote: no. 

Closing noglsa.
Comment 7 GLSAMaker/CVETool Bot gentoo-dev 2013-01-03 11:29:15 UTC 
CVE-2012-6460 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6460):
  Opera before 11.67 and 12.x before 12.02 allows remote attackers to cause
  truncation of a dialog, and possibly trigger downloading and execution of
  arbitrary programs, via a crafted web site.