Remote Code Execution Vulnerability in Opera Mail by Opera Software
CVE-2016-5101

8.8HIGH

Key Information:

Vendor: Opera
Status: Opera Mail
Vendor: CVE Published:; 29 June 2016

Summary

A vulnerability in Opera Mail prior to February 16, 2016, exposes users to the risk of remote attackers executing arbitrary code through specially crafted email messages. This flaw requires user interaction, making it a potential threat in scenarios where users click on malicious links or open harmful attachments. Adequate security measures should be taken to mitigate this risk, including keeping email clients updated and employing security awareness among users.

References

http://www.opera.com/blogs/security/2016/02/opera-12-and-...

x_refsource_CONFIRM

http://www.securityfocus.com/bid/91507

vdb-entryx_refsource_BID

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Jun 29, 2016
Vulnerability Reserved
May 26, 2016