Severity
Description
Various unexpected DOM manipulations can cause Opera to crash. In some cases, these crashes can occur in a way that allows execution of arbitrary code. To inject code, additional techniques may have to be employed.
Opera’s response
Opera Software has released Opera 11.00, where several related crashes have been fixed.
Credits
Thanks to Michal Zalewski for providing the cross_fuzz DOM manipulation fuzzer.