When Opera encounters a newsfeed source on a Web page, it prompts to add the source as a newsfeed. A script can manipulate the feed source in a way that can cause Opera to crash. The crash is caused by an erroneous memory access. To inject code, additional techniques will have to be employed.
Opera Software has released Opera 9.27 with a fix for this vulnerability.
Thanks to Michal Zalewski for reporting this issue to Opera Software.