Multiple asynchronous document modifications can be used to execute arbitrary code – Opera Security Advisories

Affected versions

This vulnerability affects Opera for Windows and Mac.

Severity

Extremely Severe

Description

Multiple asynchronous calls to a script that modifies the document contents can cause Opera to reference an uninitialized value, which may lead to a crash. To inject code, additional techniques will have to be employed.

Opera’s Response

Opera Software has released Opera 10.53, where this issue has been fixed.