Severity
Moderately Severe
Problem Description
Specially malformed bitmap images can cause Opera to render the image using a palette made up from uninitialized memory. Using canvas, the pattern can be read and analyzed by JavaScript, so an attacker can get random samples of the user’s memory, which may contain data.
Opera’s Response
Opera Software has released Opera 9.25, where this issue has been fixed.
Credits
Thanks to Gynvael Coldwind for reporting this issue to Opera Software.