Large form inputs can allow execution of arbitrary code – Opera Security Advisories

Severity

Critical

Description

When certain large form inputs appear on a web page, they can cause Opera to crash. In some cases, the crash can lead to memory corruption, which could be used to execute code. To inject code, additional techniques will have to be employed.

Opera’s response

Opera Software has released Opera 11.01, where this issue has been fixed.

Credits

Thanks to Jordi Chancel for reporting this issue to Opera Software.