(Updated) Specially crafted JPEG images enable the execution of arbitrary code. – Opera Security Advisories


A specially crafted JPEG image can enable the execution of arbitrary code.

Severity: Critical


Affected versions: Versions prior to 9.0 of Opera for Microsoft Windows and Mac OS X.


Not affected: Opera for Linux, FreeBSD and Solaris.

Problem description

A specially crafted JPEG image header can trick Opera into allocating the wrong amount of memory for the image. This can make Opera crash, or worse, execute code that has been placed into memory in advance.


The image alone cannot inject arbitrary code, and will only cause Opera to crash or malfunction. However, used in combination with other methods, it is possible to execute arbitrary code. In most cases the attempt will fail, and Opera will just crash.


Disabling JavaScript makes it much harder to exploit this flaw. Changing the display settings to 256 colors in Microsoft Windows will defeat the exploit completely.
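The class of defect described above, an allocation size derived from untrusted image header fields, is avoided by validating every field before any size is computed. The following is an added example, not Opera's code and not a reconstruction of the flaw, whose details this advisory does not give. The function name, the sample bytes and the `MAX_DECODED_BYTES` limit are assumptions made for the illustration.

```c
#include <stddef.h>
#include <stdint.h>
#define MAX_DECODED_BYTES ((size_t)64 * 1024 * 1024) /* assumed policy limit */
static size_t be16(const uint8_t *p) { return ((size_t)p[0] << 8) | p[1]; }

/* Find the first SOF0/SOF2 frame header and return the decoded buffer size
 * in *out_bytes. Returns 0 on success, -1 if any header field is malformed,
 * truncated or would exceed MAX_DECODED_BYTES. Deliberately stricter than
 * the JPEG spec (8-bit samples only, no fill bytes, no deferred height). */
int jpeg_decoded_size(const uint8_t *buf, size_t len, size_t *out_bytes)
{
    size_t pos = 2;
    if (len < 4 || buf[0] != 0xFF || buf[1] != 0xD8)     /* SOI */
        return -1;
    while (len - pos >= 4) {
        if (buf[pos] != 0xFF)
            return -1;
        uint8_t marker = buf[pos + 1];
        size_t seglen = be16(buf + pos + 2);    /* counts its own 2 bytes */
        if (seglen < 2 || seglen > len - pos - 2)
            return -1;                          /* segment runs past the data */
        if (marker == 0xC0 || marker == 0xC2) {
            const uint8_t *sof = buf + pos + 4; /* precision, height, width, ncomp */
            if (seglen < 8)
                return -1;
            size_t height = be16(sof + 1), width = be16(sof + 3), ncomp = sof[5];
            if (sof[0] != 8 || height == 0 || width == 0)
                return -1;
            if ((ncomp != 1 && ncomp != 3 && ncomp != 4) || seglen != 8 + 3 * ncomp)
                return -1;
            if (width > MAX_DECODED_BYTES / ncomp / height)
                return -1;                      /* checked width*height*ncomp */
            *out_bytes = width * height * ncomp;
            return 0;
        }
        pos += 2 + seglen;
    }
    return -1;                                  /* no frame header found */
}

/* Constructed sample: SOI, then SOF0 for a 16x8, 3-component image. */
static const uint8_t SAMPLE[] = { 0xFF,0xD8, 0xFF,0xC0, 0x00,0x11, 0x08,
    0x00,0x08, 0x00,0x10, 0x03, 1,0x22,0, 2,0x11,1, 3,0x11,1 };

int main(void)
{
    size_t n = 0;   /* expect 16 * 8 * 3 = 384 */
    return (jpeg_decoded_size(SAMPLE, sizeof SAMPLE, &n) == 0 && n == 384) ? 0 : 1;
}
```

The size check divides the limit instead of multiplying the fields, so the comparison itself cannot wrap even where `size_t` is 32 bits.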

Opera’s response


Opera has released Opera 9.0, which does not have this flaw.


Thanks to Chris Ries, VigilantMinds Inc., for reporting this issue.