HTTP Content-Length header can be used to execute arbitrary code – Opera Security Advisories

Affected versions

This vulnerability affects Opera for Microsoft Windows.

Severity

Highly Severe

Description

Large values in the HTTP Content-Length header can cause Opera to crash. Certain specific values can cause a memory corruption, which in some cases can allow arbitrary code to be injected and executed. In most cases Opera will just crash. To inject code, additional techniques will have to be employed. For more details, see our article about this issue.

Opera’s response

Opera Software has released Opera 10.51, where this issue has been fixed.