Vulnerabilities > Unix

DATE CVE VULNERABILITY TITLE RISK
2013-01-02 CVE-2012-6472 Permissions, Privileges, and Access Controls vulnerability in Opera Browser
Opera before 12.12 on UNIX uses weak permissions for the profile directory, which allows local users to obtain sensitive information by reading a (1) cache file, (2) password file, or (3) configuration file, or (4) possibly gain privileges by modifying or overwriting a configuration file.
local
low complexity
opera unix CWE-264
4.6
2012-03-28 CVE-2012-1931 Permissions, Privileges, and Access Controls vulnerability in Opera Browser
Opera before 11.62 on UNIX, when used in conjunction with an unspecified printing application, allows local users to overwrite arbitrary files via a symlink attack on a temporary file during printing.
local
low complexity
opera unix CWE-264
4.6
2012-03-28 CVE-2012-1930 Permissions, Privileges, and Access Controls vulnerability in Opera Browser
Opera before 11.62 on UNIX uses world-readable permissions for temporary files during printing, which allows local users to obtain sensitive information by reading these files.
local
low complexity
opera unix CWE-264
4.6
2011-12-16 CVE-2011-4369 Unspecified vulnerability in Adobe Acrobat and Acrobat Reader
Unspecified vulnerability in the PRC component in Adobe Reader and Acrobat 9.x before 9.4.7 on Windows, Adobe Reader and Acrobat 9.x through 9.4.6 on Mac OS X, Adobe Reader and Acrobat 10.x through 10.1.1 on Windows and Mac OS X, and Adobe Reader 9.x through 9.4.6 on UNIX allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, as exploited in the wild in December 2011.
network
low complexity
adobe apple microsoft unix
critical
10.0
2011-12-07 CVE-2011-2462 Unspecified vulnerability in Adobe Acrobat and Acrobat Reader
Unspecified vulnerability in the U3D component in Adobe Reader and Acrobat 10.1.1 and earlier on Windows and Mac OS X, and Adobe Reader 9.x through 9.4.6 on UNIX, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, as exploited in the wild in December 2011.
network
low complexity
adobe apple microsoft unix
critical
10.0
2010-07-08 CVE-2010-2665 Cross-Site Scripting vulnerability in Opera Browser
Cross-site scripting (XSS) vulnerability in Opera before 10.54 on Windows and Mac OS X, and before 10.11 on UNIX platforms, allows remote attackers to inject arbitrary web script or HTML via a data: URI, related to incorrect detection of the "opening site."
4.3
2010-07-08 CVE-2010-2661 Permissions, Privileges, and Access Controls vulnerability in Opera Browser
Opera before 10.54 on Windows and Mac OS X, and before 10.60 on UNIX platforms, does not properly restrict access to the full pathname of a file selected for upload, which allows remote attackers to obtain potentially sensitive information via unspecified DOM manipulations.
4.3
2010-07-08 CVE-2010-2660 Permissions, Privileges, and Access Controls vulnerability in Opera Browser
Opera before 10.54 on Windows and Mac OS X, and before 10.60 on UNIX platforms, does not properly restrict certain uses of homograph characters in domain names, which makes it easier for remote attackers to spoof IDN domains via unspecified choices of characters.
4.3
2010-07-08 CVE-2010-2659 Information Exposure vulnerability in Opera Browser
Opera before 10.50 on Windows, before 10.52 on Mac OS X, and before 10.60 on UNIX platforms makes widget properties accessible to third-party domains, which allows remote attackers to obtain potentially sensitive information via a crafted web site.
4.3
2010-07-02 CVE-2010-2594 Cross-Site Request Forgery (CSRF) vulnerability in Intersect Alliance Snare Agent and Snare Epilog
Multiple cross-site request forgery (CSRF) vulnerabilities in the web management interface in InterSect Alliance Snare Agent 3.2.3 and earlier on Solaris, Snare Agent 3.1.7 and earlier on Windows, Snare Agent 1.5.0 and earlier on Linux and AIX, Snare Agent 1.4 and earlier on IRIX, Snare Epilog 1.5.3 and earlier on Windows, and Snare Epilog 1.2 and earlier on UNIX allow remote attackers to hijack the authentication of administrators for requests that (1) change the password or (2) change the listening port.
6.8