CVE-2012-6472 — MEDIUM (4.6)

Q: How severe is CVE-2012-6472?

CVE-2012-6472 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2012-6472?

Check the references section above for vendor advisories and patch information. Affected products include: Opera Opera Browser, Unix Unix.

Vulnerability Description

Opera before 12.12 on UNIX uses weak permissions for the profile directory, which allows local users to obtain sensitive information by reading a (1) cache file, (2) password file, or (3) configuration file, or (4) possibly gain privileges by modifying or overwriting a configuration file.

CVSS Score

4.6

MEDIUM

AV:L/AC:L/Au:N/C:P/I:P/A:P

Confidentiality

PARTIAL

Integrity

PARTIAL

Availability

PARTIAL

Affected Products

Vendor	Product	Versions
Opera	Opera Browser	<= 12.11
Unix	Unix	All versions

Related Weaknesses (CWE)

CWE-264

References

http://www.opera.com/docs/changelogs/unified/1212/
http://www.opera.com/support/kb/view/1039/Vendor Advisory
http://www.opera.com/docs/changelogs/unified/1212/
http://www.opera.com/support/kb/view/1039/Vendor Advisory

FAQ

What is CVE-2012-6472?

CVE-2012-6472 is a vulnerability with a CVSS score of 4.6 (MEDIUM). Opera before 12.12 on UNIX uses weak permissions for the profile directory, which allows local users to obtain sensitive information by reading a (1) cache file, (2) password file, or (3) configuratio...

How severe is CVE-2012-6472?

CVE-2012-6472 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2012-6472?

Check the references section above for vendor advisories and patch information. Affected products include: Opera Opera Browser, Unix Unix.