CVE-2013-1618

Опубликовано: 08 фев. 2013

Источник: nvd

CVSS2: 4

EPSS Низкий

Описание

The TLS implementation in Opera before 12.13 does not properly consider timing side-channel attacks on a MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, a related issue to CVE-2013-0169.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:opera:opera_browser:*:*:*:*:*:*:*:*

Версия до 12.12 (включая)

cpe:2.3:a:opera:opera_browser:12.00:*:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:12.00:beta:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:12.01:*:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:12.02:*:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:12.10:*:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:12.10:beta:*:*:*:*:*:*

cpe:2.3:a:opera:opera_browser:12.11:*:*:*:*:*:*:*

EPSS

Процентиль: 66%

0.00526

Низкий

4 Medium

CVSS2

Дефекты

CWE-310

Связанные уязвимости

GHSA-cjrv-3xx9-58f9

github

больше 3 лет назад