A specially crafted JPEG image can enable the execution ofarbitrary code.
Affected versions: Versions prior to 9.0 of Opera forMicrosoft Windows and Mac OS X.
Not affected: Opera for Linux, FreeBSD and Solaris.
A specially crafted JPEG image header can trick Opera into allocatingthe wrong amount of memory for the image. This can make Opera crash,or worse, execute code that has been placed into memory in advance.
The image alone can not inject arbitrary code, and will only causeOpera to crash or malfunction. However, used in combination withother methods, it is possible to execute arbitrary code. In mostcases the attempt will fail, and Opera will just crash.
Opera has released Opera 9.0, which does not have this flaw.
Thanks to Chris Ries, VigilantMinds Inc., for reporting this issue.