Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 444040 - <www-client/opera-12.11.1661 : Buffer Overflow and Local File Detection (CVE-2012-{6468,6469})
Summary: <www-client/opera-12.11.1661 : Buffer Overflow and Local File Detection (CVE-...
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Security
URL:
Whiteboard: B2 [glsa]
Keywords:
Depends on:
Blocks:
 
Reported: 2012-11-20 13:31 UTC by Agostino Sarubbo
Modified: 2014-06-19 11:49 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Agostino Sarubbo gentoo-dev 2012-11-20 13:31:08 UTC
From https://secunia.com/advisories/51331/ :

Description
A weakness and a vulnerability have been reported in Opera, which can be exploited by malicious 
people to disclose certain sensitive information and compromise a user's system.

1) The vulnerability is caused due to an error when handling HTTP responses and can be exploited to 
cause a heap-based buffer overflow.

Successful exploitation of this vulnerability may allow execution of arbitrary code.

2) The weakness is caused due to an error when handling error pages and can be exploited to 
determine the presence of local files.

The weakness and the vulnerability are reported in versions prior to 12.11.


Solution
Update to version 12.11.
Comment 1 Jeroen Roovers (RETIRED) gentoo-dev 2012-11-20 14:07:46 UTC
Security
 - Fixed an issue where HTTP response heap buffer overflow could allow execution
   of arbitrary code; see our advisory[1]
 - Fixed an issue where error pages could be used to guess local file paths; see
   our advisory[2]


[1] http://www.opera.com/support/kb/view/1036/ , the same as
    https://secunia.com/advisories/51331/
[2] http://www.opera.com/support/kb/view/1037/



Arch teams, please test and mark stable:
=www-client/opera-12.11.1661
Stable KEYWORDS : amd64 x86
Comment 2 Agostino Sarubbo gentoo-dev 2012-11-20 16:23:01 UTC
amd64 stable
Comment 3 Agostino Sarubbo gentoo-dev 2012-11-21 10:17:40 UTC
x86 stable
Comment 4 Sean Amoss (RETIRED) gentoo-dev Security 2012-11-26 11:53:57 UTC
Added to existing GLSA request.
Comment 5 GLSAMaker/CVETool Bot gentoo-dev 2013-01-02 19:09:16 UTC
CVE-2012-6469 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6469):
  Opera before 12.11 allows remote attackers to determine the existence of
  arbitrary local files via vectors involving web script in an error page.

CVE-2012-6468 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2012-6468):
  Heap-based buffer overflow in Opera before 12.11 allows remote attackers to
  execute arbitrary code or cause a denial of service (memory corruption) via
  a long HTTP response.
Comment 6 GLSAMaker/CVETool Bot gentoo-dev 2014-06-15 00:48:05 UTC
This issue was resolved and addressed in
 GLSA 201406-14 at http://security.gentoo.org/glsa/glsa-201406-14.xml
by GLSA coordinator Chris Reffett (creffett).
Comment 7 GLSAMaker/CVETool Bot gentoo-dev 2014-06-19 11:49:49 UTC
This issue was resolved and addressed in
 GLSA 201406-14 at http://security.gentoo.org/glsa/glsa-201406-14.xml
by GLSA coordinator Chris Reffett (creffett).